Incident Response, Malware, TDR, Threat Management

Symantec spots tech support scammers using links on popular sites to lure victims

Researchers at Symantec have spotted attackers using fake Facebook accounts to post links to view free movies and sporting events in the comments of popular articles and posts on Facebook, Buzzfeed, ESPN, and the Huffington Posts that lead to tech support scam sites, according to a Symantec blog post

Attackers first post scam-free comments then return five to ten minutes later to edit their posts to include a malicious link. Once a user clicks on the link and attempts to play the content they are redirected through AdCash, a site known to host malicious advertisements, to a site that mimics the tech support websites for a user's device.

The pages contain false warning messages designed to trick victims into thinking their devices were infected with malware. and compel them to call the scammers, where they're then asked to provide sensitive information. 

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.