Microsoft points out the current hotline scam is targeting both Apple and Microsoft users. The site the company is waring about does not use a dialogue pop up, but instead an audio message. In terms of Apple, the message reads: “Critical alert from Apple support. Your mac has alerted us that your system is infected with viruses, spywares, and pornwares. These viruses are sending your credit card details, Facebook logins, and personal emails to hackers remotely. Please call us immediately on the toll-free number listed so that our support engineers can walk you through the removal process over the phone. If you close this window before calling us, we will be forced to disable and suspend your Mac device to prevent further damage to our network. Error number 268D3.” The Microsoft Windows Defender Research team says the move is the latest trick. By mixing malware or fraudulent websites with support scams, attackers can confuse unsuspecting users. For example, a pop up prompt suggesting there is something wrong with a PC. The pop up will seem legitimately from a company such as Microsoft and will prompt users to call the number to fix the “issue”. If called, users will be charged to fix the problem that does not even exist. Scammers can also request remote access to “fix” the contrived problem. This gives customers the further illusion that the company is legitimate, but could also serve as a gateway to remotely corrupt a network.
Lucrative Scam
While people more versed in using PCs, laptops, tablets, and smartphones may laugh at being fooled in this way, many users are more novice. This means the hotline scam industry is hugely lucrative. Microsoft is one of the companies pro-actively trying to clamp down on these scams. The company is also commonly used as a decoy for unsuspecting users. Windows 10’s Edge browser attempts to deal with these popups by letting users close the browser even when an active dialogue box is open. Of course, as companies shore up their security, attackers innovate to stay a step ahead. For example, hackers are infiltrating apps and services which are increasingly connected to the web.