Monday, November 4, 2024
HomePhishingTech Support Scams Integrates Call Optimization Service to Insert Phone Numbers into...

Tech Support Scams Integrates Call Optimization Service to Insert Phone Numbers into Scam Pages

Published on

Malware protection

Scammers continue to adapt with new techniques to trick user’s and make them fall as a victim. Scammers always impose limits such as “call immediately” or “Offer Valid Today only” to make you act on it immediately.

Security researchers from Symantec spotted a new Tech Support Scam that adopts to call optimization service for inserting the phone numbers to scam pages to make it looks more legitimate.

Tech Support Scam

Attackers somehow manage users to get visited a malicious website, commonly through malvertising or compromised website.

- Advertisement - SIEM as a Service

Generally, tech support scam’s perform fingerprinting, according to researchers “this particular scam goes a step further and retrieves the browser version as well and redirects the user based on the browser name and version”.

Tech Support Scam

Also, it play’s audio in the background stating that the computer is infected once the user arrives at the scam page.

Then it inform’s users that their computer has been blocked due to a malware infection and tempt user’ to call the number displayed on the screen for assistance.

According to Symantec research, the scam page uses a call optimization service’s advanced JavaScript integration service that return’s scammer phone number from the server and triggers a call back function.

Tech Support Scam

By having the call optimization enabled, attackers, make sure correct phone number displayed to the user’s based in multiple countries.

Recently a sophisticated Apple Phishing Scam notifies the user’s that their account has been limited due to unusual activity and ask’s for payment details and the site was encrypted with Advanced Encryption Standard (AES).

Also Read

Top Cybercrime Tactics and Techniques Q2 2018 Cryptomining, GrandCrab, SamSam & VPNFilter

Best ways to Lock Down the Highly Sensitive Data From the Massive Breaches

Beware of Apple Phishing Scam that Threatens Users to Disclose Personal Details

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Evasive Panda Attacking Cloud Services To Steal Data Using New Toolkit

The Evasive Panda group deployed a new C# framework named CloudScout to target a...

Massive Midnight Blizzard Phishing Attack Using Weaponized RDP Files

Researchers warn of ongoing spear-phishing attacks by Russian threat actor Midnight Blizzard targeting individuals...

Sophisticated Phishing Attack Targeting Ukraine Military Sectors

The Ukrainian Cyber Emergency Response Team discovered a targeted phishing campaign launched by UAC-0215...

Chinese Hackers Attacking Microsoft Customers With Sophisticated Password Spray Attacks

Researchers have identified a network of compromised devices, CovertNetwork-1658, used by Chinese threat actors...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

Massive Midnight Blizzard Phishing Attack Using Weaponized RDP Files

Researchers warn of ongoing spear-phishing attacks by Russian threat actor Midnight Blizzard targeting individuals...

Sophisticated Phishing Attack Targeting Ukraine Military Sectors

The Ukrainian Cyber Emergency Response Team discovered a targeted phishing campaign launched by UAC-0215...

Hackers Downgrading Remote Desktop Security Setting For Unauthorized Access

The attackers use a multi-stage attack, starting with a malicious LNK file disguised as...