How to get Tech Support Scammers to Install Malware

/ 8 years ago

How to get Tech Support Scammers to Install Malware

The old tech support scam – criminals posing as technical support staff in order to con computer users into surrendering access to their computers or paying to unlock ransomware – is, like its ancestor, the Nigerian 419 fraud, one of the more unfortunate side effects of the modern internet.

While most eTeknix readers are unlikely to fall for such a rudimentary con, many more inexperienced computer users fall prey the scammers, who often pose as Microsoft employees. Thankfully, there are some out there who like to give these swindlers a taste of their own medicine. When French blogger Ivan discovered that his parents were panicking over a fake HTML page, made by such fraudsters, claiming that their computer had been infected by “Zeus”, he decided to contact the phone number on the page and have a little fun with them.

ivan hack 1

“I fire up an old Windows XP VM, and get in touch with the “tech support”,” Ivan writes. After getting through to a supposed tech support agent (a Microsoft premium partner, whatever that means) named Dileep, Ivan plays dumb; he goes along with Dileep’s assessment that his computer is infected and agrees to purchase “Tech Protection” for €299.99.

Feigning poor eyesight, Ivan offers to send Dileep a photo of his credit card for payment. Rather than send a real photo through the remote assistance client, though, Ivan has other ideas: “I open my “junk” e-mail folder where I find many samples of the latest Locky campaign – those .zip files containing a JS script which downloads ransomware. I grab one at random, drag it into the VM. The remote-assistance client I installed has a feature allowing me to send files to the operator.”

ivan hack 2

When the “tech support” agent opened the file, Ivan tried “[his] best not to burst out laughing.”

“In conclusion,” Ivan writes, “whenever one stumbles on an obvious scam, the civic thing to do is to act like you buy it. Rationale: scammers don’t have the time to separate legitimate mugus from the ones who just pretend. Their business model relies on the fact that only gullible people will reply. Now were they spammed back, their workload would increase so much that scamming wouldn’t be a profitable activity anymore.” A social policy that we can all surely condone.

Image courtesy of West Chester Technology Blog.
Topics: , , ,

Support eTeknix.com

By supporting eTeknix, you help us grow and continue to bring you the latest newsreviews, and competitions. Follow us on FacebookTwitter and Instagram to keep up with the latest technology news, reviews and more. Share your favourite articles, chat with the team and more. Also check out eTeknix YouTube, where you'll find our latest video reviews, event coverage and features in 4K!

Looking for more exciting features on the latest technology? Check out our What We Know So Far section or our Fun Reads for some interesting original features.
eTeknix Facebook eTeknix Twitter eTeknix Instagram eTeknix Instagram

  • Be Social With eTeknix

    Facebook Twitter YouTube Instagram Reddit RSS Discord Patreon TikTok Twitch

  • Features

    Computex CES
    Fun Reads eTeknix Deals

Send this to a friend
})