Tech Support Scammers Using Phishing Tactics, Warns Microsoft

Fraudsters are impersonating trusted brands in an effort to get users to pay for fake technical support and hand over their personal information.

Tech Support Scams

Tech support scammers are switching up their tactics, warns Microsoft security researchers who reported on the latest data from the spam filters in the company's Exchange Online Protection and Outlook.com email services.

Tech support swindlers are increasingly using phishing techniques in an attempt to lure unsuspecting users. "The said spam emails use social engineering techniques—spoofing brands, pretending to be legitimate communications, disguising malicious URLs—employed by phishers to get recipients to click suspicious links," explained Microsoft Malware Protection Center staffers Alden Pornasdoro, Jeong Mun, Barak Shein and Eric Avena in an Aug. 7 advisory.

"However, instead of pointing to phishing sites designed to steal credentials, the links lead to tech support scam websites, which use various scare tactics to trick users into calling hotlines and paying for unnecessary 'technical support services' that supposedly fix contrived device, platform, or software problems," they continued.

In accompanying screenshots, the researchers showed how scammers use fake LinkedIn email notifications and order cancellations from Amazon or Alibaba to get users to click on embedded links. Users are typically redirected to support scam sites that impersonate legitimate sites, except these display pop-up messages or unending dialog loops onto a user's screen, complete with bogus warnings and support phone numbers.

Microsoft's battle against tech support scams goes well beyond sharing its security research.

In June, the company assisted in the arrest of four alleged fraudsters in the U.K. In May, the Federal Trade Commission (FTC) announced 29 law enforcement actions, which range from court complaints to guilty pleas, as a result of a tech support scam crackdown called Operation Tech Trap.

Microsoft assisted the FTC by providing information gleaned by new artificial intelligence (AI) systems that can track tech support scams much more efficiently than traditional approaches that require victims and attentive users to report a scam. The trouble with the traditional investigative approaches is that scammers typically move on by the time the authorities catch up.

Using machine learning and new AI tools that run on the software giant's Azure cloud computing platform, Microsoft was able to scour the web for the signs of a tech support scam. After running their findings through Power BI's data visualization tools, the company presented its information to the FTC.

Last year, security firm Malwarebytes noticed that tech support scams were growing more insidious.

Moving away from cold-calls that are typically used to ensnare less tech-savvy users, scammers have taken to employing ransomware and malvertizing. Using the ransomware approach, combined with speaking to a live person, makes it likelier that victims will pay and not report the crime than ransomware alone, according to a Malwarebytes researcher.

In its own analysis, Microsoft estimates that three million users of its Windows Defender Antivirus and Windows Defender SmartScreen browser protection technologies encounter a tech support scam each month. English-speaking countries are the most popular targets, with the U.S. in first place (58 percent), followed by the U.K. (13 percent), Canada (11 percent) and Australia (8 percent).

Pedro Hernandez

Pedro Hernandez

Pedro Hernandez is a contributor to eWEEK and the IT Business Edge Network, the network for technology professionals. Previously, he served as a managing editor for the Internet.com network of...