Last July, we posted about the latest wave of Windows scams designed to either install malware on your system or steal your information, outright. At the time, scammers were primarily cold-calling targets, claiming to be from Microsoft or Windows. (Hint: “Windows” doesn’t have a staff. All support personnel work for Microsoft.) They were also using a spoofed email that appeared to be from Microsoft, or a popup that spoofed the dreaded “blue screen of death” (BSOD; aka, a crash screen) with a phone number to call for help.
The scammers are at it again, and they are going after users of both Windows and Mac operating systems. They have also added some tools to their arsenal.
- In the case of Windows, scammers are using phishing-style emails spoofed to look like they are from well-known brands such as Alibaba, Amazon or LinkedIn. The email is ostensibly an invoice, canceled order or social media message, but it contains infected links hidden in seemingly harmless text. The links lead to a compromised website that instantly redirects the victim to a tech support scam website. (Scammers have also been using malicious ads where simply hovering over or near the link activates it and moves users through the scam scenario described above.)Once on the site, techniques such as bogus security alert popups scare users into calling a hotline and providing their credit card information to pay for unnecessary “technical support services.”
- With Apple, scammers also use phishing emails similar to those mentioned above, but in or around October 2017, a new campaign was launched. Scammers started targeting iPhone users specifically with a spoofed email that has the subject line “Reminder: We have an update on our Policy Updates Page.” To get around spam filters, it includes a fake case reference number. Once opened, it employs a well-crafted, persuasive message that urges users to log in and “verify” their account info.
Another widespread tactic that works on both Windows and Mac machines and devices is the use of malware known as TechBrolo. In one example, it creates a looping dialog box that locks the browser while an audio file plays, describing the supposed problem and urging the user to call a support number.
NONE OF THESE ARE LEGITIMATE.
- BSOD’s (crash screens) don’t include support numbers.
- Neither Apple nor Microsoft proactively reach out to users to offer unsolicited tech support.
- Apple will never ask for Apple ID passwords or temporary verification codes to provide support. Do not share them with anyone.
To avoid being duped by phishing emails, both Apple and Microsoft recommend users avoid opening any unsolicited emails that contain an attachment. Apple also requests that all users who receive suspected phishing email send it to the company for evaluation.
Don’t feel foolish if you are almost caught in the net. Millions of users each month are exposed to tech-support and update scams, and many take the bait. For more assistance with malware, phishing scams and other scammer tactics, give us a call at 678-719-9671.