Microsoft is focusing its investments in artificial intelligence (AI) on other pursuits besides beating classic arcade games.
One way the Redmond, Wash. technology giant is using its growing cloud-based AI toolkit is to combat tech support scams that trick Internet users into spending money on dubious software. Typically, these scams involve pops-up ads, seemingly from a user’s ISP (Internet service provider), operating system maker or another official-looking organization, which claim to have detected malicious software or performance issues on a would-be victim’s PC. Sometimes, scammers even pick up the phone.
Last October, Microsoft’s Digital Crimes unit warned that two-thirds of consumers had experienced, but not necessarily fallen victim to, a tech support scam in the preceding 12 months.
Although Microsoft receives reports of attempted attacks from customers, scammers may have already moved on by the time the company can respond. It’s a cat-and-mouse game where phone numbers are quickly abandoned and IP addresses are continually swapped. Complicating matters, few reports sent to Microsoft contain screenshots of the pop-ups users encounter and manually searching the web for scam sites is highly impractical.
As tech support scams grow more sophisticated in hopes of ensnaring a tech-savvier populace, so have Microsoft’s efforts to combat them. The company’s weapon of choice: AI.
To level the playing field, the company is resorting to AI, it revealed in a recent blog post.
Microsoft revealed that it is using machine learning and analytics to scour the web for tech support scammers and reveal their tactics. Running custom AI tools on its Azure cloud platform, the company’s security researchers devised a system that detects scam sites and the tech tricks they use.
For example, the system can spot scam sites that refresh pop-up notifications in microseconds, giving the illusion that they are a permanent, if unwelcome, fixture on a user’s screen. Machine-learning tools were used to spot similar images and words used by scammers while its Computer Vision API (application programming interface), part for the Microsoft Cognitive Services suite, was used to pick out phone numbers and other potentially useful information from pop-up ads.
Armed with this information, and after running the data through Power BI’s data visualization tools, the company turned its findings over to law enforcement, which in turn helped the U.S. Federal Trade Commission (FTC) in its most recent tech support scam crackdown called Operation Tech Trap.
Last month, the FTC announced a total of 29 law enforcement actions, including court complaints, settlements, indictments, and even some guilty pleas as the result of Operation Tech Trap.
“Tech support scams prey on consumers’ legitimate concerns about malware, viruses and other cyber threats,” said Tom Pahl, Acting Director of the FTC’s Bureau of Consumer Protection, in a May 12 announcement. “The FTC is proud to work with federal, state and international partners to take down these scams, and help consumers learn how they can safeguard their computers against real cybersecurity threats.”
In addition to Microsoft, Apple and Malwarebytes were also among the technology companies that aided the FTC in Operation Tech Trap.