- Silicon Valley's 19 Coolest Places to Work
- Is Windows 8 Development Worth the Trouble?
- 8 Books Every IT Leader Should Read This Year
- 10 Hot Hadoop Startups to Watch
IDG News Service - Scammers have devised new ways to trick users into revealing personal information, hand over control of computers and pay for unnecessary software and tech support services, security experts warn.
Researchers from security firm Malwarebytes recently came across a tech support scam targeting smartphone and tablet users, and the U.S. Federal Trade Commission warned consumers earlier this month about scams offering tech support refunds.
Tech support scams typically involve scammers making unsolicited calls to users and posing as technical support specialists responding to malware infections or other problems allegedly detected on their computers. This type of cold-calling scam has become common in recent years, especially in English-speaking countries, and prompted warnings from consumer protection groups, government agencies and security companies.
The scammers use professional and technical language to gain users' trust and ask them to download and install remote access programs on their computers. They then connect to those computers and open various system utilities like the Windows event viewer or registry editor to show victims errors in an attempt to prove their computers have a problem.
The goals of these scams can be to enroll victims in unnecessary tech support services, trick them into buying useless security software, install malware on their computers, or steal their credit card and personal information.
Tech support scammers have targeted both Windows and Mac OS X users in the past, but it seems they are now expanding into the mobile market space.
"Companies involved in these scams can use one of two methods (or both) to reach out to potential victims: cold calling and/or online advertising," said Jerome Segura, a senior security researcher at Malwarebytes, in a blog post Monday. "While paying for ads requires a certain budget, ads have the advantage of funnelling higher quality prospects because people are actually already experiencing an issue."
Segura recently searched for "Android slow tech support" on Bing from his Android tablet and the first two sponsored results -- paid ads -- led to sites from companies offering tech support for tablets and smartphones. He called the toll-free number listed on one of the sites and, according to him, what followed was clearly a tech support scam.
The alleged support technician asked Segura to connect his phone to his computer and then install remote access software on the PC so he can access the phone. After connecting through the software and browsing through the internal storage of the phone, the technician claimed a malware infection on the PC was actually causing problems on the whole network and affecting the Android phone when using Wi-Fi.
He then claimed a file called rundll32.exe, which is actually a legitimate Windows system file, was the problem and claimed it had also been installed to the phone. From a technical point of view, this doesn't make sense since Windows executable files can't run on Android.