1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • This huge typosquatting campaign is being used to run tech suppor

    From TechnologyDaily@1337:1/100 to All on Thu Oct 27 18:30:04 2022
    This huge typosquatting campaign is being used to run tech support scams

    Date:
    Thu, 27 Oct 2022 17:17:30 +0000

    Description:
    Scammers are getting people's phone numbers, and possibly even access to
    their bank accounts.

    FULL STORY ======================================================================

    A large typosquatting campaign has been detected abusing Amazons AWS cloud platform to lure people into tech support scams.

    After being tipped off by an actual computer technician working at a local shop, researchers at Malwarebytes discovered a big typosquatting campaign
    that started roughly a month ago.

    The campaign is quite dangerous, too, as victims are not only charged for the tech support service they receive, but the scammers often end up accessing
    the victims bank accounts and later drain them out. Faking a security issue

    Typosquatting is a popular technique among cybercriminals, and relies on people making a typo in ignorance or by accident. If a person were to mistype a website theyre looking to visit - they would usually see a message saying the website doesnt exist. However, some criminals obtain these mistyped domains and use them to plant malicious landing pages hosted on AWS.

    In this instance, unknown threat actors obtained a Wells Fargo lookalike domain - wellsfargo[.]cm (instead of .com). People visiting this website will get a popup saying their endpoint has numerous viruses and threats, that its locked for security reasons, and that they should call customer support via a phone number on the landing page. Read more

    This typosquatting campaign is using over 200 domains to compromise Windows
    and Android users


    Tackling malicious domains and typosquatting


    Check out our list of the best endpoint protection services right now

    Besides the risk of talking to the fraudsters on the phone, giving them
    access to the devices and possibly even bank accounts - there is also the
    risk of the fraudsters knowing peoples phone numbers, which can later be used in identity theft scams.

    The best way to protect against such attacks is to make sure youre typing the addresses correctly and to be suspicious of any security pop-ups saying the device is locked and urging the user to act immediately.

    While Malwarebytes claims this is a major typosquatting campaign, it listed
    10 domains that were recently hijacked, including Amazon, DuckDuckGo,
    Walmart, and Home Depot. We dont know how many people might have been
    affected by this attack. These are the best firewalls out there



    ======================================================================
    Link to news story: https://www.techradar.com/news/this-huge-typosquatting-campaign-is-being-used- to-run-tech-support-scams/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)