Beware: Scammers Use Legit Websites to Spread Fake Tech Support Info

In today’s digital age, tech support scams are rampant. Cybercriminals are becoming more sophisticated, using clever tactics to deceive unsuspecting users. Recently, a new scam has emerged: scammers spread false support info using legitimate websites. Let’s delve into this alarming trend and learn how to protect ourselves from becoming victims.

Understanding the New Tech Support Scam

What Is the Search Parameter Injection Attack?

Scammers are now employing a technique known as a search parameter injection attack. This attack tricks users into believing they are receiving genuine technical support when they are actually interacting with fraudsters.

How Do These Scams Work?

First, cybercriminals pay for sponsored ads on search engines like Google. These ads mimic major brands such as Apple, Bank of America, Facebook, HP, Microsoft, Netflix, and PayPal. When users click on these ads, they are redirected to the brand’s legitimate website but with a twist.

The Clever Deception Strategy

Instead of taking users to the correct support page, the scammers insert their own fraudulent phone number. The URL looks legitimate, and the site appears genuine, but the contact information is not. As a result, users inadvertently call the scammers, who then pose as tech support to steal personal information or gain remote access to devices.

The Mechanics Behind the Scam

Sponsored Ads: The Starting Point

The scam begins with a sponsored search result that appears at the top of search engine listings. Users trust these results, assuming they are official.

Legitimate Sites, Fake Information

Once users click on the ad, they are directed to the real website. However, the scammers overlay the real site with fake information, such as a fraudulent phone number.

What Happens When You Call?

If users call the provided number, they reach scammers posing as tech support. The fraudsters might ask for personal data, credit card details, or remote access to computers, leading to potential identity theft or financial loss.

Recognizing the Red Flags

Tips to Identify Tech Support Scams

• Check the URL: Look for the brand’s official number in previous communications or on their official website. Compare it to the one in the search results.
• Watch for Suspicious Terms: Be cautious of words like “call now” or “emergency support” in the browser’s address bar.
• Heed Warnings: Pay attention to in-browser warnings about known scams.
• Verify Before Calling: Cross-check the number with previous emails or social media communications from the brand.

How to Protect Yourself

Steps to Safeguard Against Scams

1. Stay Informed: Be aware of the latest scams and how they operate.
2. Use Trusted Sources: Always get support numbers from official brand websites or verified communications.
3. Enable Browser Security Features: Use browser security settings that block deceptive sites.
4. Educate Others: Share this information with family and friends to prevent them from falling victim.

Real-Life Examples of the Scam

Case Study 1: The Apple Impersonation

A user searched for “Apple support” and clicked on the top ad. The site seemed legitimate, but the contact number was fake. After calling, the user was asked for credit card information, which led to unauthorized charges.

Case Study 2: The Microsoft Trickery

Another user needed help with Windows. They found a support number via a sponsored ad. It led to scammers who requested remote access to the user’s PC, resulting in stolen data.

Expert Insights

Research from Malwarebytes Labs

Pieter Arntz and Jérôme Segura, researchers at Malwarebytes Labs, have studied this scam extensively. They emphasize the importance of verifying contact information and being cautious of suspicious ads.

A Technologically Sophisticated Attack

The attack is called a search parameter injection attack because scammers craft malicious URLs that embed fake phone numbers into legitimate site searches. This makes the scam harder to detect.

FAQs About Tech Support Scams

What is a tech support scam?

A tech support scam tricks users into believing they need technical help. Scammers pose as legitimate support agents to steal information or money.

How can I identify a fake support number?

Always verify numbers with past communications from the brand or their official website. Look for inconsistencies in the URL or urgent language in the address bar.

Are sponsored ads always safe?

While many sponsored ads are legitimate, scammers can pay for ads too. Always double-check the website’s URL and contact information.

What if I’ve already called a scam number?

Immediately disconnect the call. Monitor your accounts for suspicious activity. Consider running a security scan on your device.

Conclusion

In conclusion, scammers are becoming increasingly clever, using legitimate websites to spread false support information. By staying informed and vigilant, users can protect themselves from these deceptive tactics. Always verify contact information, use trusted sources, and educate others about these scams. Together, we can thwart cybercriminals and ensure a safer digital environment.

Discover more at InnoVirtuoso.com

I would love some feedback on my writing so if you have any, please don’t hesitate to leave a comment around here or in any platforms that is convenient for you.

For more on tech and other topics, explore InnoVirtuoso.com anytime. Subscribe to my newsletter and join our growing community—we’ll create something magical together. I promise, it’ll never be boring! 

Stay updated with the latest news—subscribe to our newsletter today!

Thank you all—wishing you an amazing day ahead!