Clever JPG Scaming trick on Google Chrome

There’s a new trick to fool people intro infecting their browsers. It works by displaying an almost picture perfect (literally) copy of the original Microsoft support page. The trick is classified as a tech support scam.

How Does the Support Scam Work?

When the user opens the tech support scam page, he or she will see something very similar to the original Microsoft support page. However, it won’t be a webpage at all, but a JPG picture, strongly resembling the original. The picture urges the users into calling a tech support number to fix a fictitious problem. When the user attempts to close the page, or in this case, the picture, the scam will display messages like “Are you sure you want to close this page” or “Do you really want to exit?” which are standard fare in web browsers. If the user clicks on OK / Yes on these windows, more redirects are going to open. The script makes it hard to close the page using the standard Google Chrome interface, which It replaces.

The usual method of protection against tech support scams is to check the URL of the webpage and if it’s the original. Since the scammers can’t use the real Microsoft URL, they have to create a fake domain that merely resembles the original. That’s the best way to differentiate between legit tech support sites and scam ones. The scammers have solved that problem with the JPG picture, which includes an original URL. They have only made one mistake – the address includes “ru-ru”, which makes it seem like the site was opened in Russia. The source code also contains some Russian phrases and words, which indicates to the scam’s state of origin. The scam also has spelling errors that you’re very unlikely to see in a legitimate Microsoft page.

tech-support-scam-google-trick-bestsecuritysearch

Tech Support Scams Are Effective

The scammers make quite a bit of money out of the phone calls and the following scams. They often demand payment to fix the non-existing problems. People who aren’t knowable about the workings of browsers and lack the tech savvy to remove the pages often give the crooks money for tech support that will never come.
As we said, the usual way of tech support scammers is to create a copy of the site, but the URL is still different. Sometimes one scammer can run hundreds of scam domains. This is necessary because the scams are discovered and blocked quickly, so the crooks must also be quick on their feet if they want to continue making money out of the perplexed individuals that come across their sites.

Scammers rarely get what they deserve or get caught. One exception is the tech support scammer that got infected with Locky from a cyber-security expert.

The first, most important thing to know is that Microsoft doesn’t have a tech support hotline. In fact, if you see a telephone number of the company somewhere on the web, it’s likely a fake or a scam. Second, even if you contact Microsoft, it’s unlikely that they’ll want to charge you money for fixing a problem with their own website. Microsoft’s site will also never “trap” you with redirects and non-working buttons.

Alex Dimchev

Author : Alex Dimchev

Alex Dimchev is a beat writer for Best Security Search. When he's not busy researching cyber-security matters, he enjoys sports and writing about himself in third person.


Related Posts