Scammers abuse big names to conduct fake support operations

Apr 22, 2015 22:43 GMT  ·  By

Scammers abuse the popularity of prominent online services like LinkedIn, Facebook, Pinterest or Quora, to promote fake tech support campaigns in the name of big companies in the security and communication industries.

Some of the firms whose name is used for bogus support desk operations are Kaspersky, Norton, AVG, and Comcast, but services like Outlook are also employed to attract potential victims.

Accounts on high-profile websites increase credibility

The scheme works by tricking the unsuspected caller seeking the resolution of a problem into purchasing different products or services, often at a higher price than the original item.

To thrive, spam needs to be exposed to a large audience, and this is one reason cybercriminals will always target communities such as Facebook.

But equally important is for the bait to pass as legitimate, and the communities on LinkedIn, Microsoft TechNet and Quora are known to be formed of professionals.

As such, by sneaking a fraudulent account into these services, the crooks ensure that online searches could lead to these spots and thus gain credibility in the eyes of the potential victim.

Multiple communities for professionals plagued by spam accounts

Malwarebytes discovered a tech support scammer’s account on LinkedIn, which was used to create group accounts. The details passed via the profile are suspiciously scarce for a business, though, which should trigger the alarm bells.

However, after searching the web for the phone numbers promoted by the crooks, the security researchers found that multiple high-profile websites were abused in the same manner.

“Social networks that target a variety of users, such as Facebook, YouTube, Pinterest, Quora, and others that welcome free public postings, were also made into inadvertent launchpads for supposed technical support campaigns,” the researchers say in a blog post on Wednesday.

According to them, the alleged tech support services advertise solutions to problems related to emails, including locked accounts, forgotten passwords or deleted emails, which do not cost a penny if the genuine support desk is contacted.

Other communities found to house spam of this kind include Microsoft TechNet, Scribd, SlideShare, BackPage and Academia.edu.

Tech support spam (4 Images)

Post on LinkedIn promoting fake tech support for Kaspersky
Tech support spam on Microsoft TechNetTech support spam on Quora
+1more