A Microsoft tech-support scam operation that was shut down two years ago has popped back up and is functioning again with a few new twists.
The basic scam has not changed, a computer with no problem receives a pop up ad that are facilitated with a browser locker to make it appear to the victim that there truly is something wrong with their computer. The malicious actors generally pose as an authorized Microsoft support team, but some have also pretended to be from Malwarebytes. This is ironic since Malwarebytes helped uncover the original scam two-years ago and is the firm that once again spotted the threat.
Malwarebytes said it has noticed an uptick in this type of scam over the last few months and credited the increase to the general ineffectiveness of other web-based tech scams, along with possibly fewer people falling for phone-based calls from fake support teams.
The scammers go by the names GeeksHelp and AmericaGeeks, and were previously known as Geeks Technical Solutions LLC. The actual attack has not changed. Once the target calls the number on the pop-up ad they are encouraged to download an app giving the criminals the ability to control their computer and they are then given a hard sell to purchase a “support plan” from the fake company, Malwarebytes said.
The social engineering aspect of the swindle includes an explanation of why the call is being obviously routed to a non-Microsoft or Malwarebytes team. The pop up states that all calls originally go through the company before being forwarded to their external authorized support teams.
“Despite efforts to curb the rapid proliferation of tech scams, we are witnessing intense activity and more outsourcing of roles and responsibilities, which not only contribute to better efficacy but also make it harder for law enforcement to tackle them on a global scale,” Malwarebytes Labs wrote.