Scam Support – here to help…or perhaps not

An interesting one landed on my desk the other day. We started to see quite a few advertisements for dotmailer support popping up on sites such as YouTube, DailyMotion, and LinkedIn’s SlideShare. The thing is, it has nothing to do with us, and the number being advertised was certainly not ours.

Now, my day job involves me tracking the latest tricks being employed by scammers, and I know tech support scammers have been around for a long time.  I myself have received one of those dodgy calls from somebody pretending to be from Microsoft.  “I run Linux”…*hangs up!*

Fake dotmailer technical support

Fake dotmailer technical support information on YouTube

However, I’ve not before seen people advertising themselves as support in the hope that somebody would find their support number in an internet search. dotmailer were not alone in this particular scam campaign. Digging a bit deeper into the accounts posting these showed that they were really spreading their net wide, by literally pretending to be support for hundreds of different companies, from other ESPs to printer manufacturers.

We of course got in touch with the relevant sites and requested that they take down the content.  Some were really good in doing this…others less so.

So what were these scammers up to? Well, it seems that their objectives are no different from the more traditional tech support scams – trick somebody into installing some malicious software, or some legitimate remote access software that they can then use to install further nasties. Either way, the result of all is this is that the victim is now open to further attacks such as password stealing, financial fraud, identity theft, etc. Of course, once they have access to your passwords, they can then abuse your legitimate accounts.

To prevent unauthorized access to online services, many providers offer something that is often referred to as two-factor authentication (2FA), or multi-factor authentication (MFA). This means that not only do you need your password (something you know), but you also need a secondary authentication mechanism. This is often something you have, such as a random number generator hardware token, a mobile app, a link sent to your email, or an SMS code sent to your mobile device.  At dotmailer, we offer the latter two of these, but we would always recommend the SMS code. In the above scenario of the computer takeover, it would be very likely that the scammer also has access to your email, and therefore they could click the link to authorize their access attempt. You can read how to enable 2FA on your account here.

Keep yourself safe

  • It is important to remember that the dotmailer support team will never contact you asking for your dotmailer password, or for you to install anything on your systems.
  • Be suspicious of any unsolicited support calls. Criminals can even spoof the number they are calling from, so caller ID is not confirmation of a legitimate caller.
  • Only ever use contact numbers advertised on your service provider’s own website.
  • As always, install security patches on your systems regularly, and keep your anti-virus software up to date.
  • Where possible, use 2FA. Turnon 2FA has tutorials on how to enable it on many popular sites.