With the rise of global prices this year, AdSecure is detecting more and more tech support scams as Malvertisers ramp up their activities.
As consumers are spending more and more money on necessities such as food and energy, disposable income has shrunk, leading to consumers spending less on non-essential purchases such as eCommerce, entertainment, subscriptions and digital goods. This economic fluctuation has significantly affected the revenue of many advertisers who promote classic offers such as dating, cryptocurrency or financial investment verticals, which used to generate good profits. But now there are less end users signing up for such services due to the aforementioned lower consumption ability. This has led unscrupulous advertisers to look for other means in order to generate income and one of those activities is via Tech Support scams.
What are Tech Support scams?
Tech Support scams are a type of ad fraud where a scammer claims to provide a legitimate technical support service or assistance. Tech support scammers use a variety of methods such as fake pop-ups, or ads on fraudulent websites to lure the victims into believing the presence of problems or threats on their devices, when there is no such real issue. Then scammers will persuade the victims to pay to fix the "malware" or remove the "virus" they claim to have found, as well as scaring the victim with the threat that they will face personal security issues or financial loss if they don't fix the problems immediately.
Example of a tech support scam popup
With programmatic advertising becoming more and more popular within the online advertising industry, many tech support fraudsters use real-time bidding in order to reach potential victims. These are the steps that the principle follows:
- An online user visits a legitimate website that contains ads.
- The website triggers a bid request to legitimate advertisers to submit bids in real-time to serve their ads, based on data gained from the targeted end user (demographic information, browsing history, location, etc).
- The tech support fraudster pretends to be a compliant advertiser and sets a high bid in order to win the bidding contest for an ad campaign which is set to target a group of potential victims.
- The fraudulent advertiser sends a response to the website so it redirects online users to the fraudster's infrastructure. If it is a pop-up ad, the tech support page will jump out automatically; if it is a banner ad, it requires the user to click on the ad and eventually ends up on the fake tech support page.
- Once the user is on the fake tech support page, the fraudsters may use a variety of ways to convince the user to believe that their device needs to be "fixed".
At best, the scammers will ask the end user to pay to fix the nonexistent issue, often via bank transfer, gift cards, or money transfer apps because they know these types of payments can be hard to track or reverse. At worst, they will try to steal the victim’s sensitive personal information or financial details. And if the end user is duped into connecting their device remotely to fix the fake issue, the scammers may try to install unwanted programs or software that can access the victims personal details or damage their device.
Why are fake tech support attacks on the rise?
Tech support fraud is a big business for cybercriminals, and they actually run like businesses with sophisticated schemes, call centers, support teams and use proven scripts.
In the Consumer Cyber Safety Pulse Report from Norton in October 2021, tech support scams ranked the No. 1 in the list of scam threats globally. The most obvious reason that tech support scams keep being the most popular scam technique is that IT WORKS!!! Especially now post pandemic where more and more people rely on online services, whether for working, studying, shopping, gaming or reading news. Older citizens are amongst the most popular target profiles as they are less familiar with the online world and often lack the awareness of such scams.
What can a victim do if they are exposed to a tech support attack?
The first and most important thing to do is stay calm and think about where the tech support page suddenly pops up from, instead of jumping ahead and calling the support number shown on the screen right away.
The victim should examine if they were actually searching for a tech support page in the search engine or, rather, if it simply popped up automatically by itself. Remember that official or legitimate support pages don't just appear on their own if there is something wrong on the victims device, and they don't ask for the victim to call a helpline.
Sometimes the scammers can design the fraudulent pages so well that they almost look identical to the names or branding of big software companies, in which case the victim should pay attention to the page URL. For instance, if the domain looks like techsupport.micr0s0ft789.com rather than support.microsoft.com, then it is probably a scam site.
If the victim’s browser is also locked when the tech support page pops up, they should not panic! It is just a trick set up by the scammers to make victims believe that there is something wrong with their devices. The issue can be fixed simply by closing the browser. If the exit button is hidden from plain sight, they can quit the full screen mode by a keyboard shortcut F11 or “CTRL + SHIFT + ESC”, depending on the type of device.. If that still doesn't work, the victim can always restart their device and the issue will be solved.
Lastly, the victim should contact the website where the fake tech support page was triggered. If they are responsible website owners or publishers, they will take down the fake ads and ban the fraudulent advertisers so they can't harm more users.
Some Tech Support landing pages AdSecure detected
Conclusion:
Tech support scams are on the rise and now more than ever, we need to raise awareness of the issue with the public and advise them of what to do if they suffer an attack. As part of the digital advertising ecosystem, it's very important to deliver high quality and safe ads, and do the best to protect online users. AdSecure can help monitor your ad campaigns before launching or while running, and effectively detect multiple forms of malvertising including technical support scams. Malvertising is wide spread throughout the online advertising ecosystem, to find out more about the many tools and tactics that cybercriminals use check out our indepth blog post What is Malvertising and how to stop it.
Want to learn more about our detections, check out our detection list here!