by Byron Connolly

Aussies continue to be targeted by tech support scams

Apr 13, 2016
Business ContinuityPrivacySecurity

Australia has joined the US, UK, France, and Germany in a list of countries targeted most by tech support scams.

Symantec said in its 2016 Internet Security Threat Report that it blocked more than 100 million malware or exploit kits relating to tech support scams in 2015 – a 200 per cent rise compared to the previous year.

The security vendor said that these scams – which involve call centre workers cold calling users to sell them support packages to resolve non-existent problems on users’ computers – have more recently displayed endless fake warning messages, urging the intended victims to call a toll free number for help.

When the victim calls the number, a criminal tries to convince them to install malware and other unwanted applications onto their computers while claiming it will fix their problems, Symantec said in its report.

“In the latest twist, tech support scammers were found using the Nuclear exploit kit to drop ransomware onto its intended victims’ computers. The scammers could distract the user while the ransomware encrypts files on their computer, perhaps increasing their chances of earning money from the victim,” the Symantec report said.

The most recent example was a malicious HTML iframe on the scammer’s website, redirecting visitors to a server hosting the Nuclear exploit kit, which was taking advantage of the recent Adobe Flash Player Unspecified Remote Code Execution Vulnerability among others.

Symantec said it discovered more than 430 million new unique pieces of malware in 2015, up 36 per cent from the year before.

“Perhaps what is most remarkable is that these numbers no longer surprise us,” Symantec said. “As real life and online being indistinguishable from each other, cybercrime has become a part of our daily lives. Attacks against businesses and nations hit the headlines with such regularity that we’ve become numb to the sheer volume and acceleration of cyber threats,” the report said.

Meanwhile, distributed denial-of-service (DDoS) attacks are growing in number and intensity, but most last for 30 minutes or less, Symantec said.

Botnets-for-hire were implicated in around 40 per cent of all DDoS network layer attacks in the second quarter of 2015, according to Symantec partner, Incapsula.

Black market prices were steady in 2015 where DDoS attacks can be ordered from US$10 to US$1,000 per day. Incapsula said a DDoS attack can cost an organisation as much as US$40,000 per hour.

“Consequently, the potential rewards for an attacker successfully holding a company to ransom in the way will more than compensate for their costs,” Symantec said.

For instance, an Australian email provider was attacked and criminals demanded a payment of 20 Bitcoins worth around US$6,600. Another company that paid the demand was soon subjected to another assault shortly afterwards, Symantec said.