A few weeks ago, we warned you about a particularly clever phishing scam targeting Netflix users by encouraging them to contact scammers posing as customer service representatives. And now it seems copycat scammers are at it again.
A similar phishing scam, uncovered by Malwarebytes Unpacked -- the same blog that surfaced the previous scam -- is making the rounds, this time targeting not just Netflix subscribers, but also customers of a number of recognizable brands, including AT&T, Comcast and even Aol (the parent company of The Huffington Post). The scammers are drawing users to fake websites via sponsored ads purchased through major ad networks. These phony ads have been spotted at the top of search result pages on popular search engines including Bing and Google.
Malwarebytes researcher Jerome Segura said he has also seen bait-and-switch ads on sites displaying sponsored Google or Bing ads -- both of which are common in all corners of the web.
"For months I've actually been using various search engines' sponsored ads to find new companies or any new variation with those scams. It's sad but if you do a search for 'tech support' in any of the major search engines you will most likely encounter an ad for a rogue company," Segura told HuffPost. "I think all major ad networks are affected, as well as ads that show within the content of certain websites."
You can see the whole scam in action in the video above, courtesy of Malwarebytes' YouTube account. The scammers appear to have set up fake tech support websites with URLs very similar to legitimate brand pages in some cases. For instance, instead of "Aol.com," scammers are using "Aolrisk.com."
Here's an example of how the scammers are using phony Bing ads to lure people onto these fake sites.
Malwarebytes found this fake ad by querying Bing with "Netflix tech support number."
The phony Netflix ads link users to sketchy-looking sites displaying information on how to contact "customer service support." These sites alert users that there has been an "error" on their Netflix account or that their account has been suspended. The sites also offer a toll-free "customer service" number or a chat window for contacting a "tech support" representative.
While the user is on the phone or live-chatting with the scammer, the scammer may request to log into the user's computer remotely, which gives the scammer control of the user's computer and access to anything stored on it.
Some of these scammy sites are so poorly thrown together that it's hard to imagine anyone falling for the trick, such as one we found by searching "Aol tech support number" in Bing.
This particular site was so obvious that it didn't even provide a phone number, just an option for users to allow someone to log into their computer remotely.
This customer service fraud aims to trick unsuspecting users into believing something is seriously wrong with their computer. A scammer may also convince the customer to spend hundreds of dollars on expensive computer security software to fix problems that don't exist, so that the customer can access an account that was never suspended in the first place.
"Those scammers aren't all the same in how rogue they are. Some are 100 percent fake and ill-intentioned, others operate within the ... principle of 80 percent of their revenues come from 20 percent of deceptive and fraudulent sales pitches," Segura told HuffPost. "Having said that their main goal is to collect between $199 and $399 (or more), pass GO and not go to jail for half-real to completely bogus computer support."
Segura also notes that letting scammers remotely control your computer can lead to serious problems, even if you don't purchase the unnecessary software, because "literally anything can happen."
"In many cases, failure to comply and pay right away results in them locking you out of your computer or worse, erasing your files," he cautioned.
Fortunately, this scam is easily avoided by keeping a close eye on URLs and ensuring that you're visiting legitimate customer support directly from a brand's webpage, and not from an ad. Malwarebytes Unpacked provides a list of domains that are known to be fakes, but more appear every day.
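The URL check the article recommends can be automated. The following added example (not code from the article or from Malwarebytes) flags hostnames that embed a brand name without resolving to that brand's real domain, using a constructed brand list; the "lookalike" label is a heuristic, not proof of fraud, and the domain list is an assumption for illustration.

```python
from urllib.parse import urlparse

# Constructed mapping of brand keyword -> legitimate registrable domain.
# These entries are an assumption for the example; a real deployment would
# maintain this list from the brand's official sites.
BRAND_DOMAINS = {
    "aol": "aol.com",
    "netflix": "netflix.com",
    "comcast": "comcast.com",
    "att": "att.com",
}


def hostname_of(url):
    """Return the lower-cased hostname; bare domains like 'Aolrisk.com' are accepted."""
    if "://" not in url:
        url = "http://" + url
    return (urlparse(url).hostname or "").rstrip(".")


def registrable_domain(host):
    """Last two labels (e.g. 'help.netflix.com' -> 'netflix.com').
    Simplification: does not handle multi-part suffixes such as 'co.uk'."""
    labels = host.split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host


def classify(url):
    """Return (verdict, brand): 'legitimate' when the registrable domain is the
    brand's real domain, 'lookalike' when a brand keyword appears inside any
    hostname label without that match, otherwise 'unknown'."""
    host = hostname_of(url)
    dom = registrable_domain(host)
    # First pass: exact match on the real registrable domain.
    for brand, legit in BRAND_DOMAINS.items():
        if dom == legit:
            return ("legitimate", brand)
    # Second pass: brand keyword glued onto a label ('aolrisk', 'netflix-support').
    # Tokens are split on '-' and matched at token edges to limit false positives
    # from short keywords buried inside unrelated words.
    tokens = [t for label in host.split(".") for t in label.split("-")]
    for brand in BRAND_DOMAINS:
        if any(t != brand and (t.startswith(brand) or t.endswith(brand)) or t == brand
               for t in tokens):
            return ("lookalike", brand)
    return ("unknown", None)
```

Run `classify` over the landing URLs behind sponsored ads; anything returning "lookalike" is worth a manual look before anyone dials the number on the page.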