Malwarebytes gives a peek at the anatomy of a tech support scam; scammers at one time were selling $25 versions of Malwarebytes software for as much as $1,000.

Steve Zurier, Contributing Writer, Dark Reading

October 18, 2016


Tech support scams hit thousands of consumers a year, causing millions of dollars in financial losses -- and many of these scams operate out of southern Florida.

Malwarebytes' report, The Anatomy of Tech Support Scams, says that from January 1, 2016 to April 30, 2016, the FBI’s Internet Computer Complaint Center (IC3) received 3,668 complaints with adjusted losses of $2,268,982. While many of these scams prey on the elderly, many of the attacks use malware and ransomware that can victimize even the most tech-savvy users.

The Malwarebytes report comes on the heels of a study published yesterday by Microsoft and the National Cyber Security Alliance (NCSA) that shows that two out of three customers have been exposed to this type of fraud in the last 12 months, and millennials are becoming a growing target of these scams.

Justin Dolly, CSO and CIO at Malwarebytes, says that the stereotype of these scams emanating from India has been replaced by more local, US-based criminal operations, many of which are based in southern Florida.

“There’s no definitive reason for why southern Florida has become a hotbed; our best guess is that there are a lot of telemarketing companies there and this kind of criminal activity is an outgrowth of that,” Dolly says.

Jean-Phillippe Taggart, senior security researcher at Malwarebytes, says his firm chose to become vocal about these scams because in many cases the scammers were selling $25 versions of Malwarebytes software for as much as $1,000.

“In some cases, the criminals are just interested in making money, but very often if things appear as if the potential victim will not buy the fraudulent products or services and they go south they can do some real damage to people’s computers,” Taggart says.

Many of the latest tech support scams, such as scam lockers, use malware and extortion tactics to force victims to call these criminal organizations. Because the scammers use malware and ransomware, simply installing what appears to be a software update or video codec can infect a victim’s computer. Victims are then forced to call the scammers to unlock their machines.

“The other thing people need to understand is that these are often very aggressive sales organizations with experienced tech people,” Taggart says. “In many cases the tech support people may not fully know that they are involved in a scam.”

In fact, during a sting operation Malwarebytes ran with the FTC, it took about two or three tries before they actually found fraudulent activity.

“We found that it was about an 80-20 rule, with about 80 percent of the calls being legitimate calls by these criminal organizations,” Taggart says. “They can be very hard to uncover.”

Malwarebytes has been working with the Federal Trade Commission to prosecute these cases. According to the report, in 2014, Malwarebytes worked with the FTC to shut down OMG Tech Help, a US-based tech support company. The FTC alleged that OMG used software designed to trick consumers into thinking that there were problems with their computers and directed them to telemarketers who used high-pressure deceptive sales pitches for tech support products and services.

Malwarebytes researchers testified in court with strong evidence against OMG, including video evidence of its fraudulent activities. On June 20 of this year, the FTC announced that OMG had settled and had been required to surrender all of its assets to a court receiver.

Here's how to identify and respond to tech support scams:

1. Microsoft will not contact you out of the blue. Don’t ever expect Microsoft to notify you if there is a problem with your computer. If you receive such a notice, be suspicious and report the incident.

2. Do a search. If you suspect that you are being approached by one of these scammers, do a search on Google of the company’s phone number and see if anyone else has ever reported on them.

3. Bring your computer to an authorized dealer or store. If you are having problems, don’t engage the scammer company. Just take your computer to an authorized dealer or an electronics retail store and have them check your computer.

4. Be careful what and where you download. Only download applications from authorized app stores or the websites of legitimate software companies. Many of the scam lockers are wrapped into bundlers that look legitimate, but are often malware and ransomware.

Consumers in the US who suspect they were hit by a tech support scam should report it to the FTC. For those outside the US, go to https://blog.malwarebytes.com/tech-support-scams/


About the Author(s)

Steve Zurier

Contributing Writer, Dark Reading

Steve Zurier has more than 30 years of journalism and publishing experience and has covered networking, security, and IT as a writer and editor since 1992. Steve is based in Columbia, Md.
