Scam Alert: Fake Tech Support Claims Hard Disk Will Be Deleted

November 16th, 2016

Symantec warns that tech support scams are getting more sophisticated by the month: "These scams remain one of the major and evolving forces in the computer security landscape. Between January 1 and April 30 this year, the Internet Crime Complaint Center (IC3) received 3,668 complaints related to tech support scams, which amounted to adjusted losses of almost US $2.27m."

Recently, Symantec has observed a new feature in the tech support scams it is detecting – the use of code obfuscators. Early tech support scams had their entire malicious code clearly visible. Now code obfuscation, which was mostly seen with Exploit Kits, has made its way to tech support scams.

So, what is this new scam?

A warning that a victim's hard drive will be wiped of all data... unless, of course, they call the fake customer support number. This scam kicks off when a user visits a compromised website. Immediately, it tries to scare the victim with an unusual tactic, Symantec explains:

"The web page displays a fake 'hard drive delete timer' that warns the user that their hard drive will be deleted within five minutes. A warning audio tone is also played in the background, which again warns the user that their system is infected."

The scam also displays a pop-up alert in the browser that the user's computer has been infected by a virus and that they must call a support number to resolve the issue."

There are variations of this scam that claim they are your Internet Service Provider, or claim to be Microsoft and you need an urgent update you need to call in for, or they show you a blue screen that claims your computer needs to be repaired. There is always a number to call, and these scammers will try to put hundreds of dollars on your credit card. Don't fall for it!  If you see error messages on your business computer screen, follow policy and contact the person in your organization responsible for IT problems. If you see this on a computer at the house, ignore these messages and do not call the fake tech support number.

From January 1 2016 through October, Symantec’s IPS blocked more than 157 million tech support scams. Their figures also showed that the countries targeted the most by tech support scams were the US, UK and Canada.

Symantec advises users to be extra careful when calling or receiving a call from a technical call center. Users should be cautious and always check the company’s identity. If you need IT security assistance for your organization, always feel free to contact us at The Fulcrum Group for guidance.

More info on Tech Support Scams from Symantec's blog can be found here.