ESET reports that “ESET researchers have spotted the first-ever ransomware misusing Android accessibility services. On top of encrypting data, it also locks the device.”
DoubleLocker: Innovative Android Ransomware
David Harley
ESET reports that “ESET researchers have spotted the first-ever ransomware misusing Android accessibility services. On top of encrypting data, it also locks the device.”
DoubleLocker: Innovative Android Ransomware
David Harley
My latest article for ESET’s WeLiveSecurity blog expands on an article that originally appeared in a lengthy article on support scams for ITSecurity UK, and subsequently in an article for the ESET Threat Radar Report for December 2015.
Support scams: What do I do now? covers some of the options for people who’ve allowed a support scammer to access their PC and, on discovering that they’ve been duped, have asked about the implications of that mistake and what they need to do next.
Link added to support scam resources page.
David Harley
When I posted the previous blog I suddenly realized I’d forgotten to add a recent article by Rob Waugh for ESET: Reverse charges: How one man turned the tables on PC phone scammers. My own blog Scamming the Scammers also refers.
Now added, of course.
David Harley
ESET Senior Research Fellow
Added to the resources page at http://avien.net/blog/pc-support-scam-resources/: a blog for ESET on support scams. To be precise, how support scammers sometimes convince you that they’re providing product support on behalf of the vendor.
I had a lot of helpful discussion with ESET’s support team that inspired the article. And I regard this kind of fraud as an insult to the sterling work that real AV tech support teams do.
Tech Support Scammers: Talking to a Real Support Team
David Harley CITP FBCS CISSP
Small Blue-Green World
ESET Senior Research Fellow
An article by me for ESET: Support Scams: we don’t really write all the viruses…
Which includes commentary on and references to this article by Eddy Willems of GData: A curious phone call – when a help desk scammer offers you a job
Both added to PC ‘Tech Support’ Cold-Call Scam Resources, of course.
David Harley
ESET Senior Research Fellow
Added a link to the AVIEN support-scam resources page: to be precise, an article for ESET in which I commented on some recent developments in the support scam landscape, including a pointer to Jerome Segura’s article for the Malwarebytes blog: Support Scam Cold-Calling: the Next Generation.
Also referenced in the article and well worth a read is a recent post by Jean-Ian Boutin (also for ESET).
David Harley
Small Blue-Green World
ESET Senior Research Fellow
Well, not new resources, unfortunately. Just a couple of blogs I haven’t got around previously to flagging here: PC ‘Tech Support’ Cold-Call Scam Resources. I have lots of other material to add, but no time to edit it down to be readable at the moment, unfortunately.
Still you might find the additions (and the resources elsewhere that they point to) of some use and interest.
David Harley CITP FBCS CISSP
ESET Senior Research Fellow
Here are some recent (unedited) comments to one of my ESET articles on support scamming.
The latest comments to How to recognize a PC support scam include three particularly interesting comments. The first includes a couple of phone numbers that might be worth investigating. The second indicates an oddity as regards the scammer’s caller ID, and the third (by my colleague Aryeh Goretsky, who has experience in the telephone industry) explains its significance:
David Harley
ESET Senior Research Fellow
Report received via the ESET blog of a scam call using the ASSOC and Event Viewer ploys: scammer used the name Alex Parker, and said his company was Creative Solutions Online: creativesolutionsonline.net.
Whocallsme.com came up with a number 4034563615 used by scammers claiming to represent the same company, or for Windows Internet
Office address given as Clearwater, Fla., and phone numbers in UK, US, Australia
REGISTRANT CONTACT INFO
Sibyl Technology Solution
Rubel Debnath
339, purbasinthi
kolkata
west bengal
700030
IN
Phone: +91.9230062065
Email Address:
Also added to support scam resources page in case someone is interested in following up on data like this.
David Harley
… more info from readers of ESET’s Threatblog on globalpchelpline.com, IPC Support, and Online Tech. And did you know that your motherboard has a CLSID? (No, it doesn’t!)
—
David Harley