Friday, January 16, 2015

Tech Support Vishing Scam Documented


I have to admit the term "vishing" for voice phishing is a new one for me even if the technique isn't.

"PhishMe has released details of a recent  'Vishing' scam experienced first-hand by its senior research Ronnie Tokazowski. Vishing is when someone rings up, pretending to be from a legitimate organization - be it a bank, the police, or as in this case technical support - claiming you’ve been a victim of fraud.

"Ronnie explains, "We recently investigated a 'vishing' call received by one of PhishMe's employees. After saying that he would call the 'technician' back, the employee passed the number over to us and we began to investigate. The number the technician provided us was 646-568-7609. A quick Google search of the number shows that other users have received similar calls from the same number. In one example, “Peter from Windows” was the person calling. In our case, it was Alex Jordan from Seattle. Once connected, I was directed to a website, 'www.pcefix.webs[d]com' where I could download the information to allow the computer technicians to 'fix' my system. These downloads were riddled with viruses."

"As you can imagine, Ronnie also had a 'little fun' with the scammers, as he confirms "Once Alex [the scammer] 'convinced' me that my computer was infected, he offered me a few different payment options. The basic option was $199 for a 2-year warranty to fix my computer, $299 bought another 2 years, and $399 bought lifetime service for fixing every system in my house. What a deal!""