Scammers are using fake antivirus bills to hack your computer
Email-run tech support scams are on the rise
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
Email security firm Vade Secure uncovered an ongoing tech-support scam that uses fakeantivirusinvoices to trick users into enablingremote accessto their computers.
The news is the latest in a surge in the number of tech-support scams that begin by circulating fakeinvoicesfor well-known security software, withMalwarebytes sharing detailsabout one such incidient recently.
This new scam targets users with fake antivirus renewal invoices from popular vendors such as McAfee, Norton, andMicrosoft, luring victims into handing over their personal details.
We’re looking at how our readers use VPN for a forthcoming in-depth report. We’d love to hear your thoughts in the survey below. It won’t take more than 60 seconds of your time.
Click here to start the survey in a new window«
Push into panic
As usual the emails are designed to catch the attention of the potential victims by threatening to auto-charge their cards for the software renewals unless they call to cancel the subscription.
When they do, the scamsters will sweet talk them into installing various remote access software to allow the threat actors to take over the victim’s computer to installmalwareor for other nefarious purposes.
Vade caught on to the new scam due to its sheer volume. Speaking with BleepingComputer, Vade’s Regional SOC Manager Nicolas Joffre shared that the company has filtered over a million emails of this new scam since it started targeting its customers in March.
BleepingComputerengaged with one of the scammers by pretending to have received one of the renewal invoices. They were walked through downloading AnyDesk remote access software and instructed to configure it for unattended access.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
The scammers then transferred a disguised batch script to scare them into thinking their computer was infected, while they collected personal information and continued to install additional software, such as TeamViewer in the background.
Joffre believes that the personal information is hawked to other threat actors, while the remote access software will help enlist the device into the threat actor’s spam botnet.
Via:BleepingComputer
With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’sTechRadar Pro’sexpert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.
This new phishing strategy utilizes GitHub comments to distribute malware
Should your VPN always be on?
NYT Strands today — hints, answers and spangram for Sunday, November 10 (game #252)
