Home » Consumer News » Currently Reading:

Your ISP May be a Victim of Malvertising

Phillip Dampier March 21, 2016 Consumer News 1 Comment

verizonFraudsters impersonating your Internet Service Provider are sending urgent malware warnings that urge you to call straight away to “resolve” malicious spyware on your computer. If you follow through on that request, they will maliciously resolve to remove money from your bank account. If you’re already too late, then fret not because you can still resort to services such as financial fraud recovery.

“Malvertising” has become a multi-million dollar industry, and nothing is more profitable than claiming to remove malware from your personal computer that isn’t there in the first place. A review of your spam folder or voicemail messages may show a number of messages and calls claiming to come from Microsoft or your Internet Service Provider informing you they have supposedly discovered illegitimate software running on your computer that needs to be removed urgently.

These schemes have become very sophisticated, with warning warnings appearing in your web browser (as an embedded, pop-up or pop-under message) that identifies your general location and ISP as part of the malware alert. To enhance credibility, these messages include your ISPs logo and a professional-sounding audio message that warns your credit cards, passwords, and personal information are at risk.

Malwarebytes Labs, a legitimate fighter of all-things-malware, recently investigated these warning messages and dialed the toll-free number to see what would happen next.

[Our call was] handled by a tech support company out of India that goes by the name of Credence Incorporation and operates a website at: support-samurai.com.

As always, the technician that took remote control of our machine found many “infected files”, using outrageous (for anyone tech savvy) tricks:

inf

Many people won’t know the difference, but the above command is by no means a way to scan a system for malware. Sadly, this sales pitch will still prove effective and those crooks will be able to extort several hundred dollars for non-existent computer problems.

At the time of writing this blog, we noticed that all the fraudulent websites had been shutdown. They had been registered under disguise with the following identity:

Registrant Name: Elizabeth Gonzalez
Registrant Organization: Sky-IP
Registrant Street: Addison House Plaza, street 57
Registrant City: Panama

The scam relies on your IP address to show your ISP and general geographic location. After calling, they’ll take your credit card number and bill up to several hundred dollars deleting non-existent malware while getting your permission to take remote control of your computer. Non-tech savvy users will probably never suspect a thing.

In addition to using a legitimate anti-virus program, it doesn’t hurt to have a second malware detector working for you. We found a promotion today for Malwarebytes Premium (1 year subscription for up to three computers), through Newegg.com for $12.00 (free shipping) using promo code: EMCEHGF27 

(Stop the Cap! does not receive any commission or any other benefits from Malwarebytes or Newegg. It was simply the cheapest price we could find for the software and is subject to expire after today.)

0 0 votes
Article Rating
1 Comment
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
Paul Houle
Paul Houle
8 years ago

A big theme here is that big brands have been AWOL when it comes to online scammers impersonating them. For instance, huge amounts of scam spam gets sent to phish customers of big banks like Chase and Citi, and it just should not be possible in 2016. Similarly it has only been recently that Google has done anything about the many scams where “I get paid $8,521.55 a month by searching Google”…

Search This Site:

Contributions:

Recent Comments:

Your Account:

Stop the Cap!