With more remote workers than ever, phony tech support scams are becoming more common. Attackers are taking advantage of the increased reliance on phone calls, impersonating your company’s tech support services to steal credit card information or company credentials.
If you think that you may have experienced a tech support scam, reach out to your cybersecurity team immediately.
Method of attack: malvertising
Malvertising, a combination of malware and advertising, is a cybersecurity threat where attackers purchase advertising space on a legitimate website to increase the likelihood that victims will click on their malicious ads. Attackers often use malvertising to steal payment information and run up fraudulent credit card charges, but they may also attempt to steal sensitive information and/or login credentials.
Signs of malvertising include:
- The inability to close ad-generated pop-up messages and/or browser windows
- An unresponsive cursor
- Animation, flashing text, and/or computer-generated warning sounds
- A phone number to call tech support and fix the “issue” with your computer via remote desktop access
- A request for a credit card number or other payment method
Your IT service desk will never ask for credit card information or direct you to purchase an application or software. If you see anything that looks like malvertising on your computer, close the browser window(s) and immediately contact your cybersecurity team. If you are unable to close the window(s), press "Ctrl"+"Alt"+"Delete" and shut down your computer. Your cybersecurity team will still be able to trace the malicious activity while your computer is off. Do not restore the browser tabs from your previous session the next time you log in.