Don’t fall for tech support scams! Learn how to spot the tricks and protect your digital life from scammers. Stay safe online 🔒💻 #CyberSecurity #TechSupportScam #StaySafeOnline

https://bdking71.wordpress.com/2025/06/24/dont-get-tricked-how-to-spot-and-avoid-tech-support-scams-like-a-pro/?utm_source=mastodon&utm_medium=jetpack_social

Don’t Get Tricked: How to Spot and Avoid Tech Support Scams Like a Pro

Learn how to identify and avoid tech support scams with expert tips on spotting red flags, protecting your devices, and responding if you’re targeted. Stay one step ahead of scammers and safeguard …

Bryan King
De Bilt - Helpdesk fraude / Gezochte personen Cybercrime / Opsporing / Menu Nieuws & Trends | Cybercrimeinfo.nl

Een 86-jarige vrouw in De Bilt werd slachtoffer van helpdesk fraude. Leer meer over bankfraude, vishing, smishing en hoe je je tegen cybercriminaliteit kunt beschermen.

Huizen / Almere - Helpdesk fraude / Gezochte personen Cybercrime / Opsporing / Menu Nieuws & Trends | Cybercrimeinfo.nl

Helpdesk fraude in Huizen/Almere: verdachte gezocht na oplichting van 79-jarige vrouw. Meer dan €1200 gestolen. Leer hoe je jezelf beschermt tegen vishing en andere cyberdreigingen.

Breda - Helpdesk fraude / Gezochte personen Cybercrime / Opsporing / Menu Nieuws & Trends | Cybercrimeinfo.nl

Vrouw slachtoffer van helpdesk fraude in Breda. Gezochte verdachte na misbruik van bankpassen. Lees meer over bankhelpdesk fraude, vishing, smishing en cybercriminaliteit.

Arrived by email… thankfully I don't get any of these anymore (they can't figure out the IVR menu prompt on the home telephone) but I have to give the woman a mark for originality…

-----

A phone conversation with a very nice young chap from Pakistan. This is how it went:

"Hello, how are you today?"

"I'm very well thank you for asking, how are you and more to the point, WHO are you?"

"Madam, my name is Sanjit, and I'm calling you from Microsoft."

"Microsoft, is that a city in Pakistan?"

"No Madam, MICROSOFT, the computer company. I'm calling to tell you that we have found a problem with your computer."

"REALLY, that's quite concerning."

"Yes Madam, it can become very serious indeed but thankfully I will be able to fix it for you."

"No, I meant it's very concerning because I don't HAVE a computer."

“You don't?"

“No."

"Ahh, it must be a problem on your laptop Madam."

"Don't have one."

"Ipad?"

"Nope."

"Tablet?"

"I have none of those things. As a matter of fact, I don't even have a telephone."

After a few seconds of silence he said "Madam, you are lying to me now!"

I said "Well, you started it!!" and put the phone down.

-----

#Humour #TechSupportScam #Microsoft

sigh, frustrating to watch folks google for major names instead of tacking on the .com to simply go to the site. Instead they get subjected to #malvertising that no user will be able to differentiate from legit.

For the chain I saw searching amazon, these seem worth blocking.

lunavattuone[.]com
urchin-app-2-p3hvj.ondigitalocean[.]app

#TechSupportScam #TSS

TIL that TSS's are equal opportunity. This is the first I'd seen a macOS TSS.

BTW, you might want to block this TDS.

tarapau[.]world

At present it points to here, but I'm sure it'll change by the time anybody blocks it.

datahubcenter11.z13.web.core.windows[.]net

#TechSupportScam

Sur le sujet: analyse de Malwarebyte sur cette arnaque exploitant les résultats de recherche sponsorisés Google
👇
https://www.malwarebytes.com/blog/news/2024/05/watch-out-for-tech-support-scams-lurking-in-sponsored-search-results

Ces mêmes outils permettent aux acteurs malveillants de cibler et adapter géographiquement les campagnes. En effet, les options de ciblage avancées disponibles dans les campagnes publicitaires permettent de viser spécifiquement une population donnée, exploitant les configurations linguistiques et régionales pour adapter le contenu du faux-message d'alerte au public.

Cette technique de ciblage est à l'origine de ce que le l'Office Fédéral de la Sécurité Cyber (OFSC) défini comme la "variante suisse romande"
👇
https://www.ncsc.admin.ch/ncsc/fr/home/aktuell/im-fokus/2024/wochenrueckblick_1.html

#CyberVeille #techsupportscam

Watch out for tech support scams lurking in sponsored search results | Malwarebytes

Our researchers found fake sponsored search results that lead consumers to a typical fake Microsoft alert site set up by tech support scammers.

Malwarebytes

This campaign consists of at least four active apex domains.

99read[.]net
hintguides[.]com
movieanddrama[.]com
myfastupdate[.]com

Each of the subdomains within them all lead to the TSS campaign with this format.

hXXps://{random}.{random}.web.core.windows[.]net/?bcda={phonenumber}

Conveniently they occasionally use subdomains with the date. For example the domain 29apr.99read[.]net came on line April 29th, 2024.

The domain 4dec1.myfastupdate[.]com was indeed observed on December 4th 2023. Interestingly the TSS was hosted on the domain itself. So the switch to Azure was a change made since then.

https://urlscan.io/result/4f249136-281f-4dc9-b8e3-d70d3edffdc2/

#ThreatIntel #malvertising #TechSupportScam

4dec1.myfastupdate.com - urlscan.io

urlscan.io - Website scanner for suspicious and malicious URLs

There's a Facebook #malvertising campaign that uses *.hintguides[.]com for it's dynamic re-director to their current #TechSupportScam (TSS) on Azure. They don't seem to rotate them as quickly as other TSS TDSs I've seen, but they did change from yesterday to today.

Here are three currently active ajax.php URLs that return Javascript that contain the current TSS URL.

22aprl.hintguides[.]com/ajax.php
bestnew.hintguides[.]com/ajax.php
latestupdate.hintguides[.]com/ajax.php

https://urlscan.io/result/bcc95c86-df1d-4153-bc92-f89537b5590d/