Scare tactics! Tech support scam claims your hard drive will be deleted

Scammers tries to frighten you into phoning them up.

David bisson
David Bisson

Scare tactics! Tech support scam claims your hard drive will be deleted

A new tech support scam warns that a victim’s hard drive will be wiped of all data… unless, of course, they call the fake customer support number.

This scam initiates whenever a user visits a malicious website. Immediately, it tries to scare the victim with a unusual tactic, as Siddhesh Chandrayan of Symantec explains:

“The web page displays a fake ‘hard drive delete timer’ that warns the user that their hard drive will be deleted within five minutes. A warning audio tone is also played in the background, which again warns the user that their system is infected.”

The scam also displays a pop-up alert in the browser that the user’s computer has been infected by a virus and that they must call a support number to resolve the issue.

1 0


Your Hard drive will be DELETED if you close this page. You have Virus infection! Please call Microsoft Support Now! Call Toll-Free: (0)286-740-0038 To Stop This Process

Are you sure you want to leave this page?

Call centerOf course, if you are duped into calling the number you run the risk of being tricked into giving a hacker remote access to your computer (which may lead to them installing malware on your computer), or handing over your credit card details for a “repair”.

Tech support scams make use of a variety of techniques to successfully fool their victims.

Some rely on a convincing impersonation of the victim’s ISP or of Microsoft’s update process or the infamous “blue screen of death”, while others attempt to give away as little information as possible to security researchers.

Sign up to our free newsletter.
Security news, advice, and tips.

This latest scam falls into the latter category. Specifically, it uses obfuscated JavaScript to hide a number of its attributes, including the code used to activate the scam, display the pop-up alert, and even track cookies so as to avoid delivery to the same victim more than once.

To optimize the chances of someone falling for the scam, fraudsters take it one step further and even include code (also obfuscated) that verifies the user’s operating system.

Chandrayan points out why:

“This code addresses a potential major flaw in the scam. Usually, tech support scams come with hardcoded strings such as ‘Windows detected infection’. For a user redirected to the web page from an Apple Mac, it is clear they are being tricked into something fake. The scammer avoids this scenario by tailoring their code appropriately and showing the fake alerts relevant to the specific victim.”

Os code
Code used to check OS of victim’s computer

This particular tech support scam might have a few more bells and whistles than other ruses, but users can defend against it just as they would any other ploy.

Specifically, if you think there’s something wrong with your computer, you should contact the company directly and speak to a representative. You should also avoid visiting suspicious websites and remember to maintain an up-to-date anti-virus product, and keep your computers patched with the latest security updates.

David Bisson is an infosec news junkie and security journalist. He works as Contributing Editor for Graham Cluley Security News and Associate Editor for Tripwire's "The State of Security" blog.

3 comments on “Scare tactics! Tech support scam claims your hard drive will be deleted”

  1. Bob

    Windows, MacOS, Unix and Linux.

    Everything except BSD in their OS detection code although I'm sure that your average BSD user would be sufficiently computer literate to not fall for this scam notwithstanding the superior compartmentalisation of the OS.

    1. James · in reply to Bob

      Linux users would also be computer literate enough to not fall for a scam as retarded as these.

      1. Bob · in reply to James

        I'd hope so but you never know. The same generalisation could be made of Unix users.

        Linux is pre-installed on many systems especially on those distributed overseas. Most of the distributions are so simple to use that it's no longer used exclusively by techies and these scams are affecting Linux users.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.