Urgent Alert: Windows and Apple Support Hoaxes Present Serious Threats

Posted by On with No Comments

Categories: Alert, Malware, Security



Carmichael Support Tip

If you receive any emails or see any dialog boxes or screen pop-ups urging you to call a support line, take the following action:

Windows:
Press Ctrl-Alt-Del and open the Task Manager. Under the Applications tab, click the line where your browser appears, and click End Task. If you are asked if you want to restore the session, say No. Run a malware scan, and clean up your system. That should fix the problem.

Macs:
If you are running Safari 9.1: For pop-ups, press the Close button on the pop-up. If the pop-up reappears or will not close, click X on the tab or close the entire Safari window. For earlier versions of Safari, or for iPhone, iPad, or iPod: Click here.

To remove apparent adware from your Mac, update to the most recent version of OS X El Capitan. If your Mac already has the most recent version of El Capitan, restart it. El Capitan removes adware only at login.

Last July, we posted about the latest wave of Windows scams designed to either install malware on your system or steal your information, outright. At the time, scammers were primarily cold-calling targets, claiming to be from Microsoft or Windows. (Hint: “Windows” doesn’t have a staff. All support personnel work for Microsoft.) They were also using a spoofed email that appeared to be from Microsoft, or a popup that spoofed the dreaded “blue screen of death” (BSOD; aka, a crash screen) with a phone number to call for help.

The scammers are at it again, and they are going after users of both Windows and Mac operating systems. They have also added some tools to their arsenal.

  • In the case of Windows, scammers are using phishing-style emails spoofed to look like they are from well-known brands such as Alibaba, Amazon or LinkedIn. The email is ostensibly an invoice, canceled order or social media message, but it contains infected links hidden in seemingly harmless text. The links lead to a compromised website that instantly redirects the victim to a tech support scam website. (Scammers have also been using malicious ads where simply hovering over or near the link activates it and moves users through the scam scenario described above.)Once on the site, techniques such as bogus security alert popups scare users into calling a hotline and providing their credit card information to pay for unnecessary “technical support services.”
    Windows Support Hoax
  • With Apple, scammers also use phishing emails similar to those mentioned above, but in or around October 2017, a new campaign was launched. Scammers started targeting iPhone users specifically with a spoofed email that has the subject line “Reminder: We have an update on our Policy Updates Page.” To get around spam filters, it includes a fake case reference number. Once opened, it employs a well-crafted, persuasive message that urges users to log in and “verify” their account info.
    Apple Support Hoax

Another widespread tactic that works on both Windows and Mac machines and devices is the use of malware known as TechBrolo. In one example, it creates a looping dialog box that locks the browser while an audio file plays, describing the supposed problem and urging the user to call a support number.

NONE OF THESE ARE LEGITIMATE.

  • BSOD’s (crash screens) don’t include support numbers.
  • Neither Apple nor Microsoft proactively reach out to users to offer unsolicited tech support.
  • Apple will never ask for Apple ID passwords or temporary verification codes to provide support. Do not share them with anyone.

To avoid being duped by phishing emails, both Apple and Microsoft recommend users avoid opening any unsolicited emails that contain an attachment. Apple also requests that all users who receive suspected phishing email send it to the company for evaluation.

Don’t feel foolish if you are almost caught in the net. Millions of users each month are exposed to tech-support and update scams, and many take the bait. For more assistance with malware, phishing scams and other scammer tactics, give us a call at 678-719-9671.