Tuesday, December 10, 2013

Tech Support Scams Still Evolving


tech-support-scam

The ESET tech support have been running into customers who think they’ve been getting help from ESET or it’s partners but it turns out they have been tricked by scammers.

Customers are receiving calls from an “ESET 3rd party tech support rep” who says their computer had been corrupted and needed to be fixed.

Also, customers are getting calls from “Microsoft”, informing them that a notification had been received concerning a virus infection on their PC, offering his services to help.  Scammers are installing cracked versions of ESET’s software and other software while retracting information from your computer, along with taking their money.

Here is an example of the dialogue from these scammers:

Scammer: Hello, we are calling you because we see your computer has a lot of infections and is approaching a system crash.  If you let me remote in I can assist with removing the infections to save your computer for only $300.00.

User: Well that’s odd, I typically use  and their support for issue like this.

Scammer: We are 3rd party support for , so we can support you.

User: “Oh that’s great!” or “Let me call  first.”

A customer said he was told to ‘press Windows R’ (Runs the Command) and then type ‘inf location virus’ into the dialog box.  “inf” is a search term for C:\\Windows\Inf, which contains files used in installing the system.


inf-copy


A company called Speak Support offering “Mac® Technical Support” misused the internet utility ping in hope of convincing a potential victim that he has no active protective software on his system.

The phony tech asked the customer to open a terminal window and used ping from the command line to query a site called protection.com.  This is what shows up:

wilbur:~ davidharley$ ping protection.com
PING protection.com (72.26.118.81): 56 data bytes
Request timeout for icmp_seq 0
Request timeout for icmp_seq 1
Request timeout for icmp_seq 2
Request timeout for icmp_seq 3
Request timeout for icmp_seq 4
Request timeout for icmp_seq 5
Request timeout for icmp_seq 6
Request timeout for icmp_seq 7
Request timeout for icmp_seq 8
Request timeout for icmp_seq 9
Request timeout for icmp_seq 10
^C
--- protection.com ping statistics ---
10 packets transmitted, 0 packets received, 100.0% packet loss
The ^C shows where I got bored with counting timeouts and terminated the request.

Here’s how to contact ESET if you’re a customer with malware-related problems:
  • If you’ve received specific information about support from your local distributor when you bought the product, that’s the first place to look.
  • Go to http://www.eset.com  and check out the resources on the Support tab. This tab will offer a number of options, including a search facility, access to the ESET Knowledgebase, a form that enables you to contact Customer Care to submit a specific case, and a link to contact pages for ESET’s offices around the world.
  • You can also get there via the help and support facility in the product itself.

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet,  “Like” us on Facebook or add us to your circle on Google+.

References:

Tech Support Scammers: Talking to a Real Support Team – We Live Security
http://www.welivesecurity.com/2013/11/22/tech-support-scammers-talking-to-a-real-support-team/
November 22, 2013

Tech support scam update: still flourishing, still evolving – We Live Security
http://www.welivesecurity.com/2013/10/29/tech-support-scam-update-still-flourishing-still-evolving/
October 29, 2013

No comments:

Post a Comment