Phishing emails tricking people into falling for tech support scams

Phishing emails tricking people into falling for tech support scams

As an avid Komando.com reader, you know about all the tricks of the trade used by cybercriminals. Malware, ransomware, and phishing scams just to name a few ways they rip off victims.

Once people get wise to these tricks, scammers tweak them to become a little more deceitful. The latest scam making the rounds is exceptionally tricky.

What to watch for in latest phishing attack

What’s happening is, cybercriminals are sending phishing emails to unsuspecting victims that are not the typical phishing scam. Many phishing attacks lead to victims clicking a malicious link and giving the scammer their log-in credentials on a spoofed site. The latest phishing email actually leads to a tech support scam.

It works like this, the victim receives an email that is purportedly from a legitimate site like Amazon, Alibaba Group or LinkedIn. The message tells the recipient that either an order they had placed has been successfully canceled, or that they have received a new message.

Image: Example of fake Amazon phishing email. (Source: Microsoft)

The message also contains links that the recipient needs to click on for further details.

Warning! Do NOT click on the links within the email. It’s malicious and will lead to a tech support scam.

If you click on the link, you will be taken to a spoofed Microsoft page. A message will appear warning you that a virus has infected your system and an immediate response is required.

Image: Example of Microsoft tech support scam. (Source: Microsoft)

As you can see in the message, a phone number is provided for tech support to fix the problem. Once the victim calls the number, the scammer answers and asks for a fee to fix the computer system problem that doesn’t actually exist.

In some cases, these pop-up messages won’t go away. Even if you close the browser they continue to appear.

If you happen to click on one of these malicious links by mistake, here is how to get rid of the pop-up message:

  • Click on the Windows search box in the lower-left corner.
  • Search for Task Manager.
  • Open Task Manager.
  • Right-click on the browser you have open listed under the Processes tab and click End. If you have multiple tabs open, repeat this step for each tab.

How to protect against tech support scams:

Tech support scams are nothing new, they’ve been evolving for years. In an effort to help users avoid these scams, Microsoft suggests following these rules:

  • If you receive an unsolicited email message or phone call that purports to be from Microsoft (or any legit company) and requests you send personal information or click links, ignore or report the email, or hang up the phone. Click here to learn how to report a phishing email to Microsoft.
  • Reminder: Microsoft does not send unsolicited email messages or make unsolicited phone calls to request for personal or financial information, or fix your computer.
  • Treat all unsolicited phone calls with skepticism. Do not provide any personal information.
  • Download software only from official websites, or official App Stores. Avoid downloading from third-party sites, they are not as secure as official sites.
  • Enable Windows Defender Antivirus on Windows 10. It detects and removes known support scam malware.
NoteIf you are reading this article using the Komando.com App, click here to see an example of the phishing email.

More stories you can’t miss:

How to see if your computer needs a security patch

Guy who wrote the bible on passwords: I was wrong

Protect your mobile device from smishing

Tags: cybercriminals, malware, Microsoft Windows 10