Tech support scams have been around for years, but recent reports from cybersecurity experts at Malwarebytes show that these scams are becoming more advanced.
Scammers have come up with new tactics to trick people by creating fake ads on Google and even using Microsoft's infrastructure.
These tactics are designed to make people believe that they are receiving assistance from legitimate sources like Microsoft.
These new methods are incredibly clear and straightforward, making it possible for even experienced users to be deceived.
Scammers have now adopted smarter methods, moving away from traditional cold calling and fake virus alerts baiting.
In the past, scammers would employ deceptive pop-ups and advertisements to trick individuals into believing that their computer was infected and required assistance.
Today, these people who need help will come to them instead. Malwarebytes has recently brought attention to two new scams that are quite deceptive.
Fake Helpdesk Page on Microsoft Learn
The first scam involves a fake helpdesk page created using Microsoft’s own learning platform, Microsoft Learn.
If users search for Microsoft support on Google, they may come across a sponsored ad displayed at the top of the search results.
This advertisement may appears to be directly from Microsoft, featuring the official logo and URL.
When users click on the ad, they are directed to a genuine-looking Microsoft website that shows what seems to be an official support phone number.
Upon closer inspection, it turns out that this phone number is not actually from Microsoft.
Subscribe to our newsletter
The whole website and its pages were created by a fraudulent individual using a fake profile on Microsoft Learn.
The scammers have even put together a set of resources on Microsoft Learn that includes a phony support number, deceiving users into believing they are receiving assistance from genuine Microsoft technicians.
Microsoft Search Query Hijack
The second scam uses a different approach. Scammers buy a Google ad that, when clicked, takes users to a search query page on the real Microsoft website.
The URL looks official, but it has been manipulated to display a fake Microsoft support number. This trick abuses Microsoft's search feature to make it appear as if the contact information is legitimate.
When victims make the call, they are connected to scammers who pose as Microsoft support technicians.
Scammers attempt to persuade victims to grant them remote access to their computers.
Once they gain access, they are capable of installing malware, stealing personal information, or deceiving users into paying for fraudulent repairs.
Scammers are constantly on the lookout for fresh tactics to deceive individuals, particularly those who may not be as well-versed in technology, targeting vulnerable individuals like the elderly.
Keep in mind that reputable companies, such as Microsoft, will never request your passwords or personal information either over the phone or through pop-up ads.