Tech Support Scam Blurs the Line with Ransomware, Locks Users’ Computers
Scammers are constantly evolving their mode of operation
May 18, 2016 13:20 GMT · By Catalin Cimpanu
Tech support scammers have been taking inspiration from ransomware operators and have changed their mode of operation by creating malicious software that blocks the user’s access to the computer until they contact a call center for support.
For years, tech support scams have used so-called “scareware” tactics, trying to trick users into thinking they needed technical support from an expert. These methods often used warnings and popups telling users they had malware on their computer, or a fault on their hard drive, with the computer ready to fail at any moment.
Later, the same tech support scammers developed clever JavaScript-powered tricks to lock the user into a one Web page, with the same scary messages, aiming to trick the victim into contacting their call centers.
“Tech support scammers are borrowing ransomware tricks”
In the latest installment of this tech support scam, the crooks have managed to find a way to lock the user’s entire computer, not just their browser.
This trick is reminiscent of the early days of ransomware. Back then, ransomware didn’t encrypt your files, but merely blocked access to your computer with screens overlaid over your desktop, or by disabling keyboard and mouse input.
Security researcher slipstream/RoL discovered one of these tech support scams that lock the user’s entire PC. He and the team at Malwarebytes investigated this problem.
“Crooks used adware to infect and lock computers”
This happened to me just two days ago. The work-around was easy, but only because I have a second computer to use to look up the work-around. But it just seems no one is really interested in doing anything about it.
With all due respect to the scammers, MS invented this problem through a really lousy OS architecture.