Scammers have found a new way of relieving unsuspecting victims of their hard earned cash: they have begun combining fake AV with fake support calls.
The scam begins with well-known pop-ups – in this case the victims are taken to a site simulating the alert – that notify the victims about a slew of malware they have on their computers. But instead of directly offering the solution for sale, the alert instructs victims to call a phone number “for immediate support”:
By doing so, the victims will be subjected to outright lies and hard selling techniques, all employed with the goal of making them part with a large sum of money (in this case, $275).
And unfortunately, that approach obviously works on large enough number of people to make it worth the scammers’ time and effort.
Sophos’ Paul Ducklin points out the small print accompanying the fraudulent pop-ups, saying:
We are not affiliated in any way with Microsoft. It is important to note that this site and the image depicted above are to be used as an illustrative example. This website and any page on the website, is based loosely off a true story, but has been modified in multiple ways. Thus, this page, and any page on this website, is not to be taken literally or as a non-fiction story.
Of course, this text is all in about 6-point black letters on a dark blue background – i.e. extremely easy to miss.
The scammers obviously think it will be enough to exonerate them from any culpability should they be caught and charged. They believe that saying “They called us!” and the aforementioned text will do the trick, but they are wrong, because it’s still fraud.