Q
Problem solve Get help with specific problems with your technologies, process and projects.

How are tech support scams using phishing emails?

Threat actors are using phishing email campaigns to fool users with tech support scams and fake Blue Screens of Death. Learn how these campaigns work with expert Nick Lewis.

Tech support scams seem like old news, but Microsoft issued a warning recently about an expanded phishing campaign...

where threat actors posed as legitimate technical support staff and even tricked some users with a fake Blue Screen of Death (BSOD). How does this campaign work, and how it is different from typical tech support scams?

Tech support scams are social engineering variants that try to convince targets that there's a problem with their computer, license or account. From there, the attacker contacts the user to try and help them solve the issue.

Microsoft recently posted a blog about a phishing email used for tech support scams -- it is believed that the contact information used could have been harvested from one of the data breaches that leaked millions of email addresses.

Tech support scams are also carried out through unsolicited phone calls in which the caller says he can fix the user's computer. Users should be aware that tech support scams can occur through email and other means to get targets to contact fake tech support hotlines or to install software that supposedly helps prevent fraud.

This particular tech support scam is somewhat different than conventional approaches; instead of using malicious web advertisements to spread tech support malware or cold-calling unsuspecting users, this campaign uses phishing emails. Once victims click on a malicious link in an email, they are sent to a page that appears to be a legitimate tech support page for Microsoft or other well-known vendors. In some cases, threat actors generate a fake BSOD to further convince victims that their systems are in need of maintenance.

Just like phone calls, phishing emails use standard techniques in which legitimate brands like Microsoft are used to notify the target that some type of transaction or problem was detected. This then entices the user to click on the given URL for additional information, as well as to provide a method of payment for the fraudulent tech support.

Since legitimate businesses often send notifications about transactions to help users identify fraudulent activity on their accounts, it's a good idea to closely monitor and investigate unsolicited transactions. Users should also be aware of potential fake BSODs and should try to verify if alleged issues are genuine.

Ask the expert:
Have a question about enterprise threats? Send it via email today. (All questions are anonymous.)

This was last published in February 2018

Dig Deeper on Email and messaging threats

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Join the conversation

1 comment

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

Have you or your organization experienced a phishing attack, such as one via the Microsoft phishing email?
Cancel

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly.com

Close