Malvertising leading to fake support

Chris Larson, for Blue Coat, reports finding a site with a fake anti-virus scan masquerading as Microsoft Security Essentials. However, instead of being prompted as with old-time fake AV to download fake AV, he was prompted to connect with a ‘live’ support specialist via LiveChat.

That’s not quite as novel as it may seem – see Scareware on the Piggy-Back of ACAD/Medre.A  by Righard Zwienenberg (from 2012) about a 24/7 chat support service that wasn’t, and Netflix Phishing Scam leads to Fake Microsoft Tech Support by Jerome Segura (2014). Facebook Likes and cold-call scams (2011) describes sites sitting waiting for people to find them rather than (or as well as) proactively coldcalling. And I seem to remember writing before about support scammers trying to evade legal measures by persuading the victim to contact them rather than coldcalling, though as far as I’m concerned it’s fraud either way if you offer to fix problems that don’t exist. I can’t remember where, but the chances are it’s buried somewhere on the support scam resource page on this site.

David Harley
ESET Senior Research Fellow



Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.