Vulnerable users assaulted by massive campaigns designed to exploit lack of technological knowledge.
Fake tech support attacks have been so prevalent in the last few years that this malware was actually a plot device in the Jason Statham action movie, “The Beekeeper.” While threat actors pulled back on that particular attack in the beginning of 2024 as it was garnering a great deal of attention, they diversified toward other types of “scareware” (ads that try to scare consumers into downloading backdoors by falsely informing them that their devices are infected) as well as fake software updates (particularly for VPNs).
However, fake tech support scams were back with a vengeance in October—a 5.5X growth month over month, part of an overall assault of scareware, fake software updates, and other attacks meant to take advantage of consumers who are not tech savvy.
The tech support scam is an old-school attack that has proved depressingly effective on contemporary digital consumers—particularly on senior citizens. In-depth research by The Media Trust’s Digital Security and Operations team has shown that tech support scams directly target senior citizen user profiles, even zeroing in on senior living communities and other geographies with high populations of older internet users.
Tech support scams have grown wider in their reach and ambition, now MacOS devices as well as Windows users. It appears threat actors are applying similar tactics when distributing other types of campaigns meant to alarm the technically vulnerable. Even worse, the bad guys hack the domains of legit brands, publishers, and advertisers, and then deliver malware via these sites until they are discovered.
To protect senior citizens and other vulnerable digital consumers from these ever-increasing assaults, we recommend:
- Analyzing ad inventory from locations with large populations of older Internet users
- Using audience profiles that mimic senior citizens to draw out hidden threats
- Leveraging a real-time security solution to block fake tech support and scareware attacks before they render on sites and apps
