- Jan 24, 2011
- 9,378
The tech support scam has been around for ages: a Microsoft/Windows “support technician” will initiate a cold call to potential victims or lure them in via online advertising, before going on to ask for payment to fix very dire-sounding, non-existent PC problems. Now, that scam is evolving to the mobile world.
Malwarebytes researcher Jérôme Segura noted in an analysis that since more and more crooks seem to be going after smartphone and tablet users, he set out to see what it took to run into one of them when looking for Android support online. It didn't take much.
“While paying for ads requires a certain budget, ads have the advantage of funneling higher quality prospects because people are actually already experiencing an issue,” he explained. To start his investigation, he did a Bing search for “Android slow tech support” that was performed directly from an Android tablet. After clicking on one of the results, he was taken to a “typical, run-of-the-mill online tech support page whose main goal is to incite the visitor to call the 1-800 number for assistance.”
After calling and getting a “technician,” the gambit began to play out almost immediately.
“I was prepared for every possibility, having a Virtual Machine running Android’s Jelly Bean and also a real physical Motorola Droid 4,” he said. “Interestingly enough, the tech support technician told me that he would not be able to directly connect to our phone and that I had to plug it into a computer (laptop or desktop) first. What their intent was quickly became clear when they asked me to download remote login software so they could connect to our PC.”
He then ran a “scan” and proceeded to spout garbage “techspeak” geared to fool a layperson into thinking that what was happening was legit.
Segura documented some of it:
“Alright Sir. Just let me know one thing Sir. So when you are doing work on your mobile phone or on your computer ok, do you receive any kinds of pop ups for operation {inaudible} like Adobe Flash Player, or anything like Java as well as on your mobile phone? You get a pop up right? And you always connect your mobile phone with your Wi-Fi right? So the thing is there are some kind of infection over here, so that’s why the infections transfer from your network to your phone ok?”
The technician then identified one particularly “dangerous file,” naming a Windows executable that would never be compatible with Android. And in perhaps the most blatant lie, purported to remove all supposed infected files into the trash can before having them appear to re-infect the device by moving them back out of the bin.
After all of that smoke-and-mirrors action, the bill in total came to $299 for one year of “support.”
Read more: http://www.infosecurity-magazine.com/view/36477/tech-support-scams-move-on-to-android/
Malwarebytes researcher Jérôme Segura noted in an analysis that since more and more crooks seem to be going after smartphone and tablet users, he set out to see what it took to run into one of them when looking for Android support online. It didn't take much.
“While paying for ads requires a certain budget, ads have the advantage of funneling higher quality prospects because people are actually already experiencing an issue,” he explained. To start his investigation, he did a Bing search for “Android slow tech support” that was performed directly from an Android tablet. After clicking on one of the results, he was taken to a “typical, run-of-the-mill online tech support page whose main goal is to incite the visitor to call the 1-800 number for assistance.”
After calling and getting a “technician,” the gambit began to play out almost immediately.
“I was prepared for every possibility, having a Virtual Machine running Android’s Jelly Bean and also a real physical Motorola Droid 4,” he said. “Interestingly enough, the tech support technician told me that he would not be able to directly connect to our phone and that I had to plug it into a computer (laptop or desktop) first. What their intent was quickly became clear when they asked me to download remote login software so they could connect to our PC.”
He then ran a “scan” and proceeded to spout garbage “techspeak” geared to fool a layperson into thinking that what was happening was legit.
Segura documented some of it:
“Alright Sir. Just let me know one thing Sir. So when you are doing work on your mobile phone or on your computer ok, do you receive any kinds of pop ups for operation {inaudible} like Adobe Flash Player, or anything like Java as well as on your mobile phone? You get a pop up right? And you always connect your mobile phone with your Wi-Fi right? So the thing is there are some kind of infection over here, so that’s why the infections transfer from your network to your phone ok?”
The technician then identified one particularly “dangerous file,” naming a Windows executable that would never be compatible with Android. And in perhaps the most blatant lie, purported to remove all supposed infected files into the trash can before having them appear to re-infect the device by moving them back out of the bin.
After all of that smoke-and-mirrors action, the bill in total came to $299 for one year of “support.”
Read more: http://www.infosecurity-magazine.com/view/36477/tech-support-scams-move-on-to-android/
