There is almost no need to introduce tech support scams these days. You likely know a relative – or perhaps even yourself – who has received one of those fake system errors urging you to call Microsoft for immediate assistance. But there is something even worse that is now being seen.
There was a time when such annoyances only came via cold calls, but they have been largely supplanted by much more targeted attacks that happen thanks to malicious advertising.
Malvertising is responsible for most of today’s fake browser alerts that will hit you as you simply visit a website. All of the sudden, your session will be interrupted by a flashy, scary and annoying webpage.
As distressing as those fake errors may seem, they pale in comparison to a new threat vector known as the tech support scam lockers. In a disturbing trend, tech support scammers are no longer only playing the social-engineering card but they are also taking notes from malware authors’ playbooks. Now, the newer versions come in the form of malware executables whose purpose is to lock you out of your computer until you call the toll free number.
Distributed via adware bundles, those lockers behave just like real malware: they avoid virtual machines and stay dormant for a while before disabling your computer. This is a new era of tech support scams as a service, with developers building custom programs specifically for lead generation calls. When social engineering meets real world malware, the targeted population grows instantly, un-savvy or not.