OFFICIAL SECURITY BLOG
December 11, 2013 | BY Jérôme Segura
If you have been following our blog, you certainly know how much we despise the fake tech support scams.
In a twisted new variant, crooks are calling out to all antivirus / anti-malware customers and urging them to fix their computers now.
One such account was spamming YouTube with hundreds of videos, all using a computer-generated voice and personalized for each AV/Anti-Malware company:
Not only do they not know how to spell our name properly, nor know that we are not an antivirus, they further advertise their service in the video’s description:
Time to pick up the phone and expose those crooks.
The company behind this scam is “My Tech Gurus” (http://www.mytechgurus.com):
Once on the phone, I am quickly directed to a remote technician and instructed to hang the call to pursue the support session directly through the chat window on my computer:
I know the drill (having performed it too many times to remember) so I just keep playing the game to see where it’s going to take me.
If the ‘technician’ were honest, she would tell me there is absolutely nothing wrong with this computer and perhaps even say: “Nice try! This is a Virtual Machine”.
But this is not the road ‘Helen’ is going to take, oh no… Instead she wastes no time in making up fake errors:
And here is the ‘technical’ explanation:
Of course, fixing those ‘errors’ is not going to be free:
The little charade had gone for long enough so I decided to question them. Unsurprisingly, those guys have an answer for everything, including how honest their business is and that they are located in the US:
This is rather curious because most of their website’s traffic comes from… India:
So has Helen been lying to me all that while? Well, there’s one way to find out by asking the $1M question:
The reason I asked that is because when I first called, the technician was a male with a heavy Indian accent. He told me to hang up and that Helen would continue working with me over the chat program, thus confirming the technician and Helen are the same person.
I continued talking to Helen for a little bit more and found out she/he was quite busy at the moment helping – ahem scamming – other customers.
Sadly, tech support scams are still going strong and robbing many people of their money. Throughout my investigations, I’ve come to learn about many victims who already have financial difficulties and feel completely devastated after it’s happened to them.
Our fight continues and we encourage everyone to report each incident. We have created a guide for victims that describes the variations of scams and what to do in each case.
It may seem like a never-ending battle, but at the end of the day, if we’ve managed to save even just one person, then we can feel confident we’re doing the right thing.
A video capture of the scam in progress can be found here.
Jerome Segura (@jeromesegura) is a senior security researcher at Malwarebytes.