Symantec Security Response - Tech support scams increasing in complexity
Tech support scams remain one of the major and evolving forces in the computer security landscape.
Recently, Symantec observed a new feature in the tech support scams it detects – the use of code obfuscators.
Initiation of the scam
The scam Symantec has observed is initiated when an unsuspecting user visits a malicious website. The victim is shown a
fake warning in a pop-up window in their browser.
Figure 1. Fake warning displayed by tech support scam
The scam tries to lure the user into calling the given phone number by saying that their system is infected. To further
scare the user, the web page displays a fake ‘hard drive delete timer’ that warns the user that their hard drive will be
deleted within five minutes. A warning audio tone is also played in the background, which again warns the user that
their system is infected.
Protection
Norton Security, Symantec Endpoint Protection, and other Symantec security products have comprehensive network-based
protection features such as firewall and IPS built in. To protect yourself from scams, ensure that none of these are
turned off.
Make sure you visit legitimate websites when you need support for any product.
From January 1 2016 through October, Symantec’s IPS blocked more than 157 million tech support scams. Our figures also showed that the countries targeted the most by tech support scams were the US, UK
and Canada.