Web giants Google and Facebook have announced that they recently took down 4,000 suspicious advertiser accounts linked to more than 2,400 tech support websites.
The move to crack down on tech support scams comes with the announcement that Google and Facebook have joined forces, along with with AOL, Twitter and Yahoo, to raise awareness of malicious advertising.
The coalition’s new website, TrustInAds.org, offers tools to report bad ads to the coalition member companies, and its associated trend report offers an interesting look inside Google and Facebook’s investigation of the crooks behind phony tech support ads.
New twist on an old scam
Fake tech support scams net criminals hordes of cash from victims who believe they are talking to tech support representatives from legitimate companies.
Legal authorities in both the US and UK have prosecuted some individuals behind the scams, but this type of fraud has been rampant and enforcement has been inadequate.
Google and Facebook began investigating tech support websites based on user complaints.
Google investigators even called some of the numbers posing as support-seekers in order to gain more information about the scammers, according to the TrustInAds.org report.
The two companies said that the scammers are becoming more sophisticated in pulling victims in via ads that show up when a user searches online for support options.
Instead of cold calling potential victims, the primary method until recently, the criminals lure unwary people into calling the scammers directly.
When a potential victim calls the tech support number listed on the scam ads or websites, call center “representatives” try (sometimes forcefully) to convince the callers to download a file onto their computer.
If a victim does open the file, it drops malware that can be used to steal their financial information, account logins, and other data used in identity theft.
TrustInAds.org Executive Director Rob Haralson said in a statement that fraudulent tech support websites pose a threat not just to the victims of the scams, but to legitimate advertisers – and the coalition member companies, who make billions of dollars selling those ads.
While limited in volume and scope, these tech support ad scams not only present a real problem for victims, but also for advertising platforms, publishers and legitimate advertisers.
Internet companies have “worked hard to remove these ads from their platform,” Haralson said.
A few examples of such tech support ads, including the one below, show how they look just like other Facebook or Google ads – making them hard to pick out visually.
According to the TrustInAds.org report, the criminals behind these scams “go to great lengths” to hide their activities and evade manual and automated filtering of ads.
... [H]idden amongst the many legitimate online ads offering these services are some ads from bad actors who lure unsuspecting users to compromise their accounts, install malware on their computers or steal their identities.
And these bad actors, often highly sophisticated, go to great lengths to hide under the radar from the manual reviews and automated filtering technologies used to catch fraudulent ads in an attempt to profit from their victims.
One of these phony support websites, shown below, offers “Gmail Technical Support,” with supposed technicians available 24/7.
By purchasing keyword ads on ad networks, the scammers can rank under search terms like Gmail tech support, Facebook tech support, AOL tech support, and similar.
Avoiding tech support scams
Some malicious ads are hard to spot, but the tech support website shown above has a few clues that this is not a reputable site.
Poor English grammar in the copy can be a tip-off that the website is suspicious or at least unprofessional.
The scam Gmail tech support site above says:
Although Google provides the best features in the field but still one may encounter with many problems and errors like ...
For example, the use of the preposition “with” in “encounter with” is not normally associated with the verb “to encounter.”
Remember that you should never agree to give someone your passwords over the phone, and never give someone access to sensitive areas of your computer.
If you need help with a computer problem, the first step should be to go to the website of the manufacturer, or seek help from friends or trusted third parties.
If you suspect you have an infected computer, you can run our free Virus Removal Tool to remove any malware.
For more advice on avoiding tech support scams, listen to our podcast below.