What do the search terms “chicken recipe,” “solitaire” and “weather” have in common? They are all search terms cybercriminals think Seniors use frequently.

To take advantage of this, the criminals create hundreds of fake web sites purporting to relate to these terms and buy search ads to point to the tainted web sites.

The goal? Trick the unsuspecting into clicking on the ad when they think it is an actual search result. This leads to what initially looks like a legitimate site but quickly is replaced by a full-screen message saying the computer is infected and to call the “support number” at the bottom of the screen.

By abusing a browser feature that remaps keystrokes when a page is in full screen mode, the user will not be able to exit from the full screen page unless they press and hold the Escape key for several seconds.

Many people panic and call the phone number on the screen. Once on the phone, the scammers convince them the issue is legitimate and offer to “fix” it for a fee. Often, they are so “helpful” they will assist in going to the targets online banking account and initiate the payment for them. Odd how these “technicians” frequently have challenges with their typing skills, often getting extra 0’s in the amount.

Takeaways:

1. Regardless of the search term, pay close attention to the search results and don’t inadvertently click on an ad.

2. If, while browsing a website, you get a dire message that takes up the whole screen, try holding down the escape key for several seconds.

3. Don’t trust the support phone number displayed on the screen. If you feel you need support, find it from a different source.

4. Don’t let strangers remotely connect to your computer.

5. When in doubt, reboot.

Source: Malwarebytes

Definition

Tech support scam - A type of fraud where scammers pretend to be technical support representatives from legitimate companies, such as Microsoft or Apple, and contact individuals to convince them that their computer has a virus or other problem. The scammers then offer to fix the issue for a fee or by gaining remote access to the victim's computer, which can lead to identity theft or the installation of malware.

Would you like a free, no-obligation Cybersecurity Benchmarking of your organization showing where you stand vs. industry-accepted practices? Click here to schedule a time with one of our associates.