Fake Tech Support Scam Gets New Twist

John Lister's picture

A newly-publicized take on a long-running scam involves on-screen messages that falsely appear to be from a user's Internet service provider. It's a trick with a variety of ways to profit from the customer.

For many years, scammers have been calling people on the telephone claiming to work for Microsoft or other computer companies, saying the person receiving the call has a virus. The scammer will then usually try to get the victim to pay for bogus tech support services. While most people realize it's a scam, the idea is to call enough people so that even a small percentage of duped users add up to big profits.

New Virus Scam Claims to Come from Users' ISP

The new variant of this scam involves an on-screen message with the logo (pic) and name of the customer's Internet Service Provider (ISP). The message says that a system scan has revealed spyware and gives the user a number to call for assistance. The scam hotline is usually a 1-800 number; a number recently used in this scam is 1-866-601-3127 - please do not call that number. Please also note that the phone number will change as authorities take down the scam hotline, only to have scammers purchase a new phone number and repeat the scam, ad infinitum.

What makes this variant more effective is that by correctly identifying the ISP, the message may appear more credible to some recipients.

Rogue Advertising Provides Insight

According to the BBC, the most likely explanation for the scammers knowing the users' Internet Service Provider is that scammers have placed rogue advertisements on websites; these ads are then configured to redirect users to a page operated by the scammer. This usually happens automatically in the background of the browser, so that the user doesn't realize what is happening.

The scammers are then able to see the IP address from which the user has visited. An IP address identifies a specific Internet connection (such as through a router). In many cases, the number is assigned by an Internet service provider to a customer. That means the scammers know which ISP the customer uses, and can thus deliver a customized scam message with a specific scam hotline phone number and possibly an extension number. Calling this number puts the customer through to a scammer who knows which company's representative they should pose as.

Card Details Among Scammer Goals

Exactly how the scammers go on to make money may vary. One option is simply charging for a supposed "fix" to the bogus virus / spyware "infection", with the possibility of the scammer taking the credit card number and selling it to third parties.

Another trick is getting the customer to download and install software that's supposed to "fix" the "problem." This can allow the scammer remote access to the computer to hunt for personal and sensitive data, such as financial account details. Alternatively the "security software" may actually be malware, adding the computer to a network of infected machines that can be used for large-scale attacks on websites.

What's Your Opinion?

Have you spotted a bogus pop-up that supposedly comes from your ISP? Would such a scam be more likely to trick you (if you didn't know to watch out for it)? Has your ISP warned you about this scam?

Rate this article: 
Average: 5 (12 votes)


Dennis Faas's picture

I wish that there were some sort of international law to jail these scumbags for lengthy sentences and put an end to it once and for all. The fact is however that these scammers are most likely highly organized crime rings operating all over the world, and taking them down is like playing a game of whack-a-mole.

Tex Dad's picture

I had one of my friends succumb to the phone type bogus tech support call last year. She lost about $300. But due to the ineptness of the 'tech support' people, I was able to prevent any further damage to her finances.

Thanks to John (& Dennis) for alerting me to this new scam technique. I will let her, and others know about it. There is a potential for this technique to have even more impact since Verizon recently sold their ISP business to Frontier in many parts of the country. Frontier has been having problems with the transition, and many have told me about their travails.