{"id":7861,"date":"2017-06-07T07:10:22","date_gmt":"2017-06-07T15:10:22","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2017\/06\/07\/news-1643\/"},"modified":"2017-06-07T07:10:22","modified_gmt":"2017-06-07T15:10:22","slug":"news-1643","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2017\/06\/07\/news-1643\/","title":{"rendered":"Tech support scams: what are other people doing?"},"content":{"rendered":"

Credit to Author: William Tsing| Date: Wed, 07 Jun 2017 14:00:38 +0000<\/strong><\/p>\n

We\u2019ve talked a lot about tech support scams over the past few years, typically focused on what we see ourselves, and the scammers who like to pose as Malwarebytes. But tech support scams are much bigger than that, targeting every tech company under the sun. So what are other people doing about it?\u00a0Let’s take a look at some of the other players working to keep you safe.<\/p>\n

IT Advocate<\/h3>\n

\"\"<\/p>\n

Independent researchers will occasionally conduct sting calls based on a combination of victim complaints and their own research. IT Advocate presents some of the most thorough research and professional videos in this genre, providing context to each company before they make the call.<\/p>\n

Others who refer to themselves as \u201cscam baiters\u201d will present calls on Youtube, typically designed to waste the scammer\u2019s time, or execute a practical joke. These are amusing, but also frustrating because they aren’t useful; most videos don’t disclose where they got the number, what their specific setup is, or any specific details on the company. IT Advocate, in contrast, focuses on collecting hard, actionable evidence that can be used in takedown requests to keep users safe. They publish fairly frequently and you can find their YouTube channel here<\/a>.<\/p>\n

 <\/p>\n

Fatsecurity.com<\/h3>\n

\"\"<\/p>\n

An occasional problem defenders run into is how to effectively execute a takedown, in particular, an advertisement takedown for a fraudulent company. Scammers will register a corporate presence in the United States, set up several money mule accounts here as \u201cpayment processors\u201d, and use US dollars to buy ads. As a result, it can be tough for an advertising company like Google to distinguish these ads from those of a legitimate tech support company. Fat Security is attacking this issue from an interesting angle, as you can see here<\/a>. Rather than crowdsourcing victim reports, which can be vague or incomplete, they are crowdsourcing reporting<\/em> \u2013 users who sign up will be informed of identified scams and how to report them to the proper authorities. The idea being one researcher\u2019s report can be ignored; ten thousand users reporting the same scam demands a response. It\u2019s a novel idea and we look forward to seeing how it turns out.<\/p>\n

The Big\u2019uns<\/h3>\n

\"\"<\/p>\n

Microsoft is arguably one of the most abused companies in a tech support scammer\u2019s pitch. So how are they fighting back? They have extensive coverage of tech support scams in their blog, as well as a consumer education sheet with useful info here<\/a>. (Here\u2019s ours, by the way<\/a>.)<\/p>\n

What a lot of folks don\u2019t realize is that they also have a reporting tool for victims and researchers to report a scam directly to them: www.microsoft.com\/en-us\/reportascam<\/a>. When conducting threat analysis, more data tends to make for better judgments, so these types of reporting tools tend to yield good intelligence.<\/p>\n

Symantec provides a public resource page here<\/a>,\u00a0as well as a reporting tool, although it appears to be a catch-all for abuse of their intellectual property.<\/p>\n

Teamviewer is the tool of choice for scammers to gain access to your computer. Their resource page for victims here<\/a>\u00a0offers some good tips on how to secure your account if you have one and provides an email address to report fraudulent use of their product.<\/p>\n

In short, there’s a wide range of researchers working hard to keep you safe from tech support scams, from the biggest names in the industry, down to single individuals working as an avocation. The more of us who pitch in makes it more likely that you won’t have to deal with a scammer. And if you’ve ever thought you were talking to Malwarebytes and gotten someone unsavory instead, please post to the comments below.<\/p>\n

Some resources mentioned above:<\/p>\n