Fraudulent Tech-Support Sites Attempt to Initiate Calls on Systems and Mobile Devices

According to a recent report by Microsoft, tech-support scammers have begun to incorporate click-to-call code into their fraudulent websites. This code is designed to launch the default call application on a system or device when a victim visits – or is redirected to – these sites. If the victim allows the call to be initiated through the associated application, he or she will be connected to the scammers and potentially defrauded. Tech-support scammers are using this technique to prevent victims from closing the browser applications and ignoring the website. The pop-up requests associated with the call applications need to be accepted or denied before the victim can continue using their device and scammers hope this technique will scare victims into initiating the call. This campaign affects multiple operating systems and platforms including Windows, macOS, iOS, and Android. The NJCCIC recommends never completing any call you did not initiate and immediately closing any pop-up that tries to initiate a call through your system or mobile device. If the pop-up does not allow you to cancel the request, reboot the affected system or device and be sure to clear your browser’s cache to prevent opening the website the next time the browser is launched.

AlertNJCCICScam, Campaign