They exploit human fear and cause panic in the potential victim for the purpose of financial gain, CERT explains, adding that such “technical support” helps with non-existent software or computer problems, installs malicious software and steals sensitive and banking information.
A large number of malicious groups, for whom this type of fraud is their primary source of income, use the same attack scheme. Attackers set up a fake page with contact information and offer the technical support services of a legitimate corporation or send spam messages with contact information. A potential victim searches the Internet to find the technical support phone number of, for example, Microsoft.
Thanks to well-optimized SEO (Search Engine Optimization) settings, the attacker’s page ranks highly in the search results. A potential victim calls the phone number of one of the technical support services offered in the search results. A call center agent, who is part of a malicious group, takes the call and begins the first phase of the fraud. The agent asks the victim to enable or install remote control software, such as TeamViewer or AnyDesk, preferably software that can take control of the keyboard or mouse away from the victim or even turn off the screen, so that the victim cannot see what is happening in front of them.
The attacker then displays a screen with scripts that make the computer appear infected but are actually harmless code. In this way, they create panic in the victim, and at that moment they offer a solution: they will clean the computer of “malware” for a small amount of money, paid in cryptocurrency or with a gift card. In a panic, the victim pays “technical support” and, in addition to the financial loss, is potentially left without sensitive data. Of course, the attacker deletes the harmless script but leaves the malware behind, so that they can access the computer again in the future.
CERT's advice: The best defense
- Maintain cyber hygiene – protect your data, devices, user accounts and network
- Check contact details carefully – phone numbers and email addresses; a legitimate address will not look like [email protected] or [email protected]
- Legitimate companies will never ask you for sensitive data like passwords, and especially not via phone or video call!
- Block pop-ups! They may redirect you to fake, phishing sites or initiate malware downloads, and legitimate companies won’t leave tech support contact information in a pop-up.
- Technical support is usually a free service, and where payment is required, legitimate companies will not ask you to pay in cryptocurrencies or gift cards
- Download software from legitimate sources!
- Update your software, operating system and browser regularly!