A new tech support scam warns that a victim’s hard drive will be wiped of all data… unless, of course, they call the fake customer support number.
This scam initiates whenever a user visits a malicious website. Immediately, it tries to scare the victim with a unusual tactic, as Siddhesh Chandrayan of Symantec explains:
“The web page displays a fake ‘hard drive delete timer’ that warns the user that their hard drive will be deleted within five minutes. A warning audio tone is also played in the background, which again warns the user that their system is infected.”
The scam also displays a pop-up alert in the browser that the user’s computer has been infected by a virus and that they must call a support number to resolve the issue.
Your Hard drive will be DELETED if you close this page. You have Exploit.SWF.bd Virus infection! Please call Microsoft Support Now! Call Toll-Free: (0)286-740-0038 To Stop This Process
Are you sure you want to leave this page?
Tech support scams make use of a variety of techniques to successfully fool their victims.
Some rely on a convincing impersonation of the victim’s ISP or of Microsoft’s update process or the infamous “blue screen of death”, while others attempt to give away as little information as possible to security researchers.
To optimize the chances of someone falling for the scam, fraudsters take it one step further and even include code (also obfuscated) that verifies the user’s operating system.
Chandrayan points out why:
“This code addresses a potential major flaw in the scam. Usually, tech support scams come with hardcoded strings such as ‘Windows detected infection’. For a user redirected to the web page from an Apple Mac, it is clear they are being tricked into something fake. The scammer avoids this scenario by tailoring their code appropriately and showing the fake alerts relevant to the specific victim.”
This particular tech support scam might have a few more bells and whistles than other ruses, but users can defend against it just as they would any other ploy.
Specifically, if you think there’s something wrong with your computer, you should contact the company directly and speak to a representative. You should also avoid visiting suspicious websites and remember to maintain an up-to-date anti-virus product, and keep your computers patched with the latest security updates.
Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.