Trending Scams

 

This is an experimental section of the website that aims to inform you of scams making the rounds in our area, as reported by our staff and customers. If you find this section useful, please let us know.

 

June 2017 – Fake Virus removal, PC cleanup scam

An all too common scam these days … One day while browsing the web you are hit with a dire looking popup that claims your computer is infected with a virus or some other fictional malady. Scam authors are able to produce a semi-legitimate looking popup to your desktop by leveraging background html code embedded in an advertising frame, or through an external link on a site you visit. Javascript can be used to resize your browser window so that the fake error appears to be on your entire desktop, and the browser frame often tries to copy standard Windows visual themes. They are hoping to exploit your sense of alarm,  and conveniently provide a website address or phone number you are encouraged to visit in order to ‘remedy the issue’.

Of course legitimate providers like Microsoft, and any of the reputable Anti-Malware vendors will never use tactics like these to contact you. The 2nd stage of this scam usually involves the fake support agent talking you into running something on your computer that you’ve never heard of, in order to gain control of the machine, or trick you into making payments.
The number we were asked to call is (866) 315-1003.

Two of the more common vectors for this ruse are Teamviewer and GoToAssist. These are ‘desktop sharing’ applications that are often used by legitimate tech support to assist people remotely, however when you give a scammer remote control over your PC, they are not going be fixing any existing problems, only creating new ones for you.

 

team viewer launch                gotoassist launch

 

In the iteration we recently encountered and were able to investigate, the scammers trick was to get you to launch ‘hh‘ from a Windows runbox, supposedly confirming the virus-caused error, and then manually redirect you to a spammer controlled ‘GoToAssist’ session, where the scammers can then demonstrate another bunch of plausible looking errors by pulling irrelevant data from various system utilities that come with Windows.  You will then be taken to a credit card payment processor and asked to pay in advance for a ‘premium support’ contract.

This scam operates in the quasi-legal realm of offering a fictional service to remedy a fictional technical issue, however scammers with even fewer qualms about prosecution and legal jurisdictions will often install actual malware onto your system during the shared desktop session, in order to give themselves persistent administrative control over your computer.

July 2017 – IRS Lawsuit/Arrest scam

This scam appears to originate from the 409 (Texas) area code, but the caller ID may be spoofed. A recorded speaker threatens you with a pending IRS lawsuit and/or arrest. Of course the caller never identifies themselves, or who ‘you’, the supposed target of this lawsuit/warrant is, for that matter.
The number you’re being asked to call during our observed samples is either (409) 965-5767 or (409) 965-5763.

click here to hear an audio sample of this scam.

IRS Lawsuit Scam