Tech support, accident insurance and PPI scams

An article by me for ESET that I should have posted here ages ago: Scams: Tech Support, Accident Insurance, PPI, Oh My My.

Of course, Indian call centres don’t spend all their time (and waste ours) on tech support scams asking for payment for help with non-existent problems: they also have a nasty habit of ringing with other types of scam: accident insurance scams and PPI (Payment Protection Insurance) scams.

And I just realized that I didn’t actually post a link to an excellent post by Martijn Grooten that’s briefly referenced in the same blog: Tech support scammers won’t give up.

Naturally, both links have been added to the scam resources page.

David Harley
ESET Senior Research Fellow

Smartphones, Tablets and Support Scams

An interesting article by Jérôme Segura for the Malwarebytes blog: Tech support scammers target smartphone and tablet users. With particular reference to scammers advertising support for Android.

You might also find this thread, flagged by my good friend Steve Burn, also of Malwarebytes, of interest: https://www.mywot.com/en/forum/42800-microsoftsupporter-com.

Added to the Tech Support Scam Resources page, of course.

David Harley
Small Blue-Green World
ESET Senior Research Fellow 

Added to the support scam resources page

An about.com article by Andy O’Donnell on Beware of the ‘Ammyy’ Security Patch Phone Scam: A new twist on an old scam. Rather a narrow AMMYY- and US-centric view of how tech support scams work, but has some suggestions that may be useful to all those people who ask what to do when they’ve allowed a support scammer access to their PC.

Link added to the AVIEN PC ‘TECH SUPPORT’ COLD-CALL SCAM RESOURCES page.

HT to Patrick Nolan.

David Harley 
ESET Senior Research Fellow

Another tech support scam resource

Added to the resources page at http://avien.net/blog/pc-support-scam-resources/: a blog for ESET on support scams. To be precise, how support scammers sometimes convince you that they’re providing product support on behalf of the vendor.

  1. By social engineering in the course of a cold-call.
  2. By seeding the web with sites and using SEO to promote them that support their claims to provide AV tech support, though they’re unlikely to claim there that they’re directly affiliated with individual companies.

I had a lot of helpful discussion with ESET’s support team that inspired the article. And I regard this kind of fraud as an insult to the sterling work that real AV tech support teams do.

Tech Support Scammers: Talking to a Real Support Team

David Harley CITP FBCS CISSP
Small Blue-Green World
ESET Senior Research Fellow

Support scams update

Just added to the tech support scam page here: a link to a lengthy blog I recently put up on the ESET site.

Here’s a direct link to that blog article: Tech Support Scam Update: Still Flourishing, Still Evolving.

It includes some information on gambits gleaned from people who’ve commented on ESET articles on the topic, from blogs by Martijn Grooten and Jerome Segura, and from some conversations I had at this year’s Virus Bulletin conference a few weeks ago. The misuse of ping for convincing Mac users they have a problem is particularly interesting, though they’ll need to find another approach now. (All is explained in the article.)

David Harley
Small Blue-Green World
ESET Senior Research Fellow

Another tech support scam resources update

An article by me for ESET: Support Scams: we don’t really write all the viruses…

Which includes commentary on and references to this article by Eddy Willems of GData: A curious phone call – when a help desk scammer offers you a job

Both added to PC ‘Tech Support’ Cold-Call Scam Resources, of course.

David Harley
ESET Senior Research Fellow

Support Scam Resources Update

Added a link to the AVIEN support-scam resources page: to be precise, an article for ESET in which I commented on some recent developments in the support scam landscape, including a pointer to Jerome Segura’s article for the Malwarebytes blog: Support Scam Cold-Calling: the Next Generation.

Also referenced in the article and well worth a read is a recent post by Jean-Ian Boutin (also for ESET).

David Harley
Small Blue-Green World
ESET Senior Research Fellow