This paper was presented at VB2014 in Seattle, WA, USA.

Tech support scams have been going on for a long time, and despite all the attention they’ve received, they are only getting worse.

The classic fake Microsoft cold call is no longer the only technique used, as it is far more effective to have marks call with a problem.

Scammers are diversifying their personas using deceptive ads and pop-ups, phishing scams, and even targeted campaigns for special events such as the end of the tax season.

As the scams get more sophisticated (Mac OS and Android are on their list too), the risks for potential victims have increased. Documented instances show that while ‘scanning’ the computer for viruses, the crooks scrape any personal documents they can lay their hands on, opening the door for disastrous identity theft issues.

While education and awareness go a long way towards reducing the number of victims, security researchers can help out too. This paper will show how to build your own honeypot to collect everything the scammers download onto the machine and track their geolocation down to real-world coordinates – even when remote software logs are disabled or the connection is routed through a proxy.

Finally, I will present real intelligence collected using the previously described honeypot.
