Cyber Criminals have invented a new variant of the old ‘I’m from Microsoft’ fake tech support phone call in the form of an on-screen pop-up malware warning that claims to be from your ISP and asks you to call a number.
The reason that the advert appears in the first place is because your computer has become infected through single "bad" pixel adverts.
We are all now aware that cyber crime, particularly that involving malware is relatively commonplace and the fact that we are aware and that most of us have at least some basic levels of protection means that cyber criminals need to be more cunning than ever. This latest scam as reported by US security firm Malwarebytes in the U.S., Canada and now the UK uses pop-up adverts that claim to be from popular ISPs.
How The Scam Works
In the case of this latest scam it relies upon infecting your computer in the first place with the malware which displays the pop-up advert. The worrying thing is that in this case the cyber criminals are using legitimate online advertising networks to place adverts on websites. These adverts don’t even need to be clicked on to infect your computer because they contain a single ‘bad pixel’ that can redirect you and infect your computer while you’re browsing on a legitimate website without you knowing.
How Do They Know Who Your ISP Is?
After your computer is infected by the advert, you are re-directed to an invisible page in the background that checks the IP address on your computer. The ownership of this IP address can then be traced to a specific ISP, and a pop-up advert is served on your page that features the name of that ISP and gives you a bogus number to call them on.
What Happens If You Call The Number?
Calling the number means that you will be greeted by convincing fraudsters who claim to be your ISP. From what is known about similar calls, it is likely that the fraudster will then try and convince you that you have viruses and errors on your computer which they can clean off for a fee. The final step will therefore be that they will try to persuade you to log in to your banking site.
In other bogus tech support scams, cyber criminals also use banking 'Trojans' to extract the victim’s financial information and install malware onto the victim’s computer that joins them up to a botnet so their computer is used in attacks on other computers.
What Does This Mean For Your Business?
Vigilance is once again needed to help defeat the cyber criminals. This latest attack comes on the heals of ‘Locky’ and ‘Raa’, both of which used malware. It important in this case to raise awareness among staff that they all need to be very careful in their web browsing as well as in their opening of any emails with attachments and / or emails from sources that are not familiar.
All staff should also be made aware of who the company’s ISP is and that bogus tech support calls exist and what form they take. It may also be good practice to have a designated person who deals with communication with the IT ISP.
Keeping computer updates, patches, and anti virus software up to date is also very important. Having a reliable, secure back up of your important files and folders is also advisable if not essential in today’s business environment.