New report by Symantec shows tech support scammers have been using call optimization software.
When you run a business of any size–but especially a small operation with limited funding and a team that has to work hard while wearing many hats–it’s vital that you take advantage of cost effective business tools.
Even if it requires investing a little money in your operation, it can mean a better outcome when things run smoothly and you see a return on that investment. That’s why so many companies offer business solutions to streamline productivity, ensure quality customer service, and more.
Now, even scammers are taking advantage of tech to increase their productivity and profit margin.
A new report by Symantec shows that tech support scammers have been using call optimization software to ensure that their victims reach a phone number in the right region, are directed to the right language speaker, and to uncover information about the victims’ computers to make the scam plausible.
According to Siddesh Chandrayan, Threat Analysis Engineer at Symantec, “As with many tech support scams, it is initiated when an unsuspecting user visits a malicious website or is redirected to one by various means such as a malvertisement or compromised website. The scam web page informs the victim that the computer has been blocked due to a malware infection and tries to lure the user into calling a ‘toll free’ number for assistance. An audio file, stating that the computer is infected, is also played in the background when the user arrives on the scam web page.”
From there, the optimization script inserted in the malicious code can also determine the victim’s browser and browser version, lending both credibility and ease of access to the scam.
Unfortunately, there’s a good bit of social engineering at work here, and it can be pretty difficult to ignore.
Receiving a flashy warning or even hearing an audio warning that your computer is infected doesn’t exactly make most users laugh it off and exit out. Also, one of the key pieces of advice for many years has been to avoid supplying sensitive info, payment, or remote access to someone who contacts you, but in this twist on a tech support scam, you called them.
As with so many other types of scams or fraud, education is the key. Understanding how these tactics work and accepting the fact that tech support agents are not monitoring your computer at all times are important for avoiding the threat.
No comments: