Security News Microsoft warns of tech support scams using phishing emails

[LASER_oneXM]

Tech support scams are a growing nuisance, and companies like Microsoft have been working hard to deal with the threat that they pose to users. Appearing almost out of nowhere, supposed technicians from Microsoft are calling oblivious people telling them that their computer has a virus and needs to be fixed. Unfortunately, the fraudsters are only out to steal money from their victims, and probably steal personal and financial information too.

The Microsoft Malware Protection Center has seen this shady business model evolving further. It recently discovered a phishing campaign that utilizes innocuous-looking links in email but will instead lead to tech support scam websites. These websites use pop-ups and scare tactics to urge the victim to dial the number on the screen and pay for unnecessary "repair services."

Aside from the usual act of cold calling, typical online support scams start with malicious ads that offer fake installers and pirated media. Another attack vector is by malware such as Hicurdismos, which displays a fake BSOD or fake error notifications.

The spam emails, according to the blog post, pretend to be notifications from online retailers or professional networking websites. Links are embedded within the text to make it look less suspicious. These point to websites like "love.5[redacted]t.com," "s[redacted]t.com," and "k[redacted]g.org," which Microsoft believes are compromised.