Free Tech Support? NO WAY?! No, really, no way.

A coworker received the below pop-up while using Google Chrome.

[Image: virus-scanner]

Being the helpful guy that I am, I made the phone call for him and did a little bit of recon at the same time. Here’s the good news…sort of. They hung up on me twice when I told them I was using a work computer. It seems they are only interested in personally owned computers. Good news if you are an IT guy/gal, bad news for Grandma.

Here’s some more bad news…they were using a legitimate service, support.me, to connect remotely. This is bad because it looks safe and wholesome to an unsuspecting victim. Plus, it likely has legitimate uses on your network, which means it may be hard to globally block.

Also, the approach of letting people call them is very effective. After all, if you are initiating the conversation, you already have your guard down. This is a really good social engineering tactic. Bait the victim, but let them “think” that they initiated the transaction. On the other hand, if you receive a phone call out of the clear blue from someone with a foreign accent telling you that your computer is infected with a virus, well, that’s a harder sell. Still, it’s not uncommon for members of our campus community to receive calls from “Microsoft” and “Google.” Sometimes, they are just looking for an IP address to target from the outside. “Hello, we are trying to fix your copier. Can you please tell me what the IP address is?” If you ever get an unsolicited call like that, just tell them it is 265.548.175.15. The geeks out there will get why that IP is safe to share.

Interestingly, they didn’t have me connect to that website through my browser. They had me go to Start –> Run and then type “hh web” which opened an “HTML Help” window.

[Image: html_help]

From there, you can press that little yellow question mark at the top left of the box and choose “jump to url.” I would imagine that they do this to bypass browser security and plug-ins. Pretty clever, I suppose. The rest of the call consisted of him trying to get me to type in the session code to allow him remote access to my computer. I just could not get it right…
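For defenders, the “hh web” step is a useful tell: HTML Help is normally started by an application with a .chm file, not typed into Run with a bare word or a URL. The sketch below is an added example, not something from the call; it assumes process-creation records with Sysmon Event ID 1 field names, and the sample events and the `classify_hh`/`triage` helpers are constructed for illustration.

```python
import ntpath
import shlex

# Constructed process-creation records (field names as in Sysmon Event ID 1).
SAMPLE_EVENTS = [
    {"Image": r"C:\Windows\hh.exe", "CommandLine": "hh web",
     "ParentImage": r"C:\Windows\explorer.exe"},
    {"Image": r"C:\Windows\hh.exe",
     "CommandLine": r'"C:\Windows\hh.exe" "C:\Program Files\App\manual.chm"',
     "ParentImage": r"C:\Program Files\App\app.exe"},
    {"Image": r"C:\Windows\hh.exe", "CommandLine": "hh.exe https://example.invalid/",
     "ParentImage": r"C:\Windows\explorer.exe"},
    {"Image": r"C:\Windows\System32\notepad.exe", "CommandLine": "notepad",
     "ParentImage": r"C:\Windows\explorer.exe"},
]


def classify_hh(event):
    """Return a reason string if an hh.exe launch looks unusual, else None."""
    if ntpath.basename(event["Image"]).lower() != "hh.exe":
        return None
    # posix=False keeps backslashes literal; quotes are stripped afterwards.
    tokens = shlex.split(event["CommandLine"], posix=False)
    args = [t.strip('"') for t in tokens[1:]]
    if not args:
        return "hh.exe started with no help file"
    target = args[-1].lower()
    if target.startswith(("http://", "https://")):
        return "hh.exe given a remote URL"
    # Normal launches name a compiled help file, optionally with ::/topic.htm.
    if ".chm" not in target:
        return "hh.exe argument is not a .chm help file"
    return None


def triage(events):
    """Return (command line, reason, launched_from_shell) for each unusual launch."""
    findings = []
    for ev in events:
        reason = classify_hh(ev)
        if reason:
            # Assumption: Start -> Run launches show explorer.exe as the parent.
            from_shell = ntpath.basename(ev["ParentImage"]).lower() == "explorer.exe"
            findings.append((ev["CommandLine"], reason, from_shell))
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_EVENTS):
        print(finding)
```
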

What was the end game? I’m not sure. Clearly they would have charged me to “clean” my computer, although I was assured repeatedly that the diagnosis would be free. Would they then steal that credit card number altogether? Install additional malware to ensure my credentials are uploaded to the grasp of an excited hacker? Probably yes and yes, but for today, I’m fine being in the dark on that!

Have any of your coworkers or family members fallen victim to this scam? Share the details in the comments below.

Thanks for reading and don’t forget to subscribe.

7 thoughts on “Free Tech Support? NO WAY?! No, really, no way.”

  1. What should the average unsuspecting user do in this scenario?
    Close the browser? Restart the Computer? Run an antivirus scan? Call Client support at 2-9800.

    • In this case, the person did not click on anything and they were not logged in with administrative rights to the computer, so the suggestions you mentioned are exactly what we did. Reboot–>Run AV scan. We also ran a scan using the Windows Defender Offline CD. However, contacting the Help Desk is always a good idea if there is any concern of infection.

  2. Phishing scams…same scam, different disguise, same end game – an attempt to get your information and invade your privacy. Thanks for enlightening us.

  3. I often see this scam when I click on a download link. I don’t get why Google closes its eyes to this issue. Fortunately I don’t have any debit or credit card, so this was kind of a relief for me.
