Scammers posing as an IT support technician trying to get access to PCs aren't new and they use a variety of methods to gain your trust. One of the ways they do this is through creating a fake sense of legitimacy using professional websites such as LinkedIn. Read on to find out how.
Image by geralt
I remember receiving a phone call once from someone who claimed to be a Microsoft support technician and began to ask me all sorts of questions about my computer. That set my Spidery senses tingling and I abruptly ended that call. I did some research on the internet and sure enough it sounded like a known scam campaign.
I've since known more people who have been targeted by similar IT support scams either by phone, email or fake websites. A typical scam involves one of these so-called technicians trying to convince you that they’re the real deal and to allow them to gain remote access to your PC (through software like Logmein) so they can solve your computer woes. Alternatively, they might ask you for your credit card details.
These kinds of scams generally use social engineering methods to gain your trust and one of the most common ways this is done is through setting up a fake presence on LinkedIn. Security vendor Malwarebytes recently looked into this by analysing a LinkedIn profile of a known scammer. This scammer managed to get his profile noticed by potential victims by piggybacking off LinkedIn connections with real professionals to gain access into legitimate networks on the social media platform.
As Malwarebytes observed:
"Social networks of this type provide a one stop shop to set up a scam website, drive traffic to it, promote it through legitimate ad networks, and handle ill-gotten gains. So while we as security professionals can identify and block a malicious website, a large, resilient, and very profitable network is waiting to get the site owner back on his feet as soon as he can pay."
You can read more about how tech support scammers operate over at the Malwarebytes Security Blog.