Tech Support Scammers Start Using Phishing Techniques

Windows Tech Support Scam Phishing

As if the cold-calls weren’t annoying enough, tech support scammers have found a new way to try to breach your Windows computer. This time around they have discovered the art of phishing and decided to add it to their arsenal. The phishing campaign sends emails posing as legitimate websites with links that redirect you to a fake tech support site. The scam site will then try to trick you into contacting one of their help desk representatives.

Tech support scam email

Tech support scam email. Source: https://blogs.technet.microsoft.com/

For those who are not familiar with these types of scams, it is social engineering designed to trick you into believing your computer has a problem. Then you will be prompted to request help from a fake tech support agent to fix the problem at a high premium. Typically, these scams use three methods to con you into giving access to your computer. One of them is by using fake ads that display an error message and prompt you to contact the fake tech support. The second method is by using malware that reconfigures settings in your computer to make it seem like it has a problem. The last one, and the one I hate the most, is cold-calling. The call is from an individual impersonating a Microsoft employee who tries to scare you into thinking your computer has a virus.

On top of all the methods mentioned above now one has to add phishing campaigns to the list. The way these attacks work is by sending emails posing as legitimate sites like retailers and social networks. The emails contain a link that redirects the user to a fake tech support website displaying an error message and advising the user to contact a help desk center. The sites are designed in a way that mimics the appearance of a legitimate Microsoft website to try and trick users.

Email link redirects to fake tech support site.

Email link redirects to fake tech support site. Source: https://blogs.technet.microsoft.com/

It could be easy for an uninformed person to fall for these types of scams, particularly if they are not very tech savvy. Education is your best weapon to combat these types of phishing campaigns. If you are ever redirected to a site from a suspicious email, be sure to check who the security certificate is issued to. This also applies to any installers or programs downloaded. Furthermore, whenever a legitimate error message appears, it will never ask you to contact a certain number. It will show you an error code and recommend you to research it online. Windows 10 also offers protection from the different vectors used by tech support scams so be sure to keep your OS updated.

In the case of the cold-callers, many tell-tale signs that expose the fraud. The fact that they are calling you due to issues on your computer is an indicator in itself that it’s a tech support scam. Large companies like Microsoft will not go out of their way to call you regarding a problem with your computer; you will call them if you run into a problem. I hate the cold-callers, I hate them with a passion. If you ever get called by these scammers, and you realize who they are, please do humanity a favor and do what this guy does:

Leave a Reply

Your email address will not be published. Required fields are marked *