Security News Tech support locker scam poses as failed Microsoft Update

[Jrs30]

Content source

http://www.theregister.co.uk/2016/05/20/tech_support_locker_scam/

Tech support scammers are well aware of what is going on in the malware scene and often rip off ideas and concepts from other criminals. We see this today with for example bogus browser locks and fake AV alerts which are mostly an annoyance and can somewhat easily be disabled.

But things have been changing with more serious malware-like techniques to force people into calling rogue tech support call centres. We previously saw a case of fake Blue Screen Of Death (BSOD) actually locking up people’s desktops and now there is a growing demand for such ‘products’. Below is a Facebook post advertising a locker specifically designed for tech support scams. It tricks users into thinking their Windows license has expired and blocks them from using their computer.

To be clear, this is not a fake browser pop up that can easily be terminated by killing the application or restarting the PC. No, this is essentially a piece of malware that starts automatically, and typical Alt+F4 or Windows key tricks will not get rid of it.

Full article : Tech Support Scammers Get Serious With Screen Lockers

 

[frogboy]

Cybercrooks have put together a new scam that falls halfway between ransomware and old school browser lockup ruses.

The new class of “tech support lockers” rely on tricking users into installing either a fake PC optimiser or bogus Adobe Flash update. Once loaded the malware mimicks ransomware and locks users out of their computers. Unlike Locky, CryptoWall and their ilk it doesn’t actually encrypt files on compromised Windows PCs, however.

Jérôme Segura, a senior security researcher at Malwarebytes, said “tech support lockers" represent a class of malware more advanced than browser locks and fake anti-virus alerts of the pre-ransomware past.

"This is not a fake browser pop up that can easily be terminated by killing the application or restarting the PC,” Segura writes in a blog post. “No, this is essentially a piece of malware that starts automatically, and typical Alt+F4 or Windows key tricks will not get rid of it."

One strain of tech support locker employs a subtle piece of social engineering trickery by waiting until a users restarts their computer before confronting users with a fake Windows update screen. Users are told their computers can’t be restarted normally supposedly because of an “expired license key”. Thereafter a screen locks a user out of their computer in an attempt to trick marks into phoning a support number, staffed by scammers.

Victims are told that their problems can be resolved, for a fat fee of $250, Malwarebytes discovered.

Full Article. Tech support locker scam poses as failed Microsoft Update