Scamming Through Social Engineering

Before I begin I have to say that these are becoming a favorite of mine now, so here’s yet another tech support scam. This one is quite different though because it disguises under Apple’s remote assistance website (www.ara.apple.com) where users go when they have an issue with their Apple computer and want to have a technician troubleshoot it using a service such as LogMeIn or TeamViewer. This scam is registered to a domain similar to Apple’s official remote assistance website (www.ara-apple.com) and tricks the visitor of the site into calling a phone number which presumably connects them to a scam center in India.

Safari_alert

This tactic isn’t particularly new as there are many websites that tell the user to call a number or visit a website to “seek assistance”, but this one is different in the way that the bogus Apple assistance website the user visits starts providing them with .dmg downloads that they need in order to “begin the troubleshooting process”. It only gets worse from there as the user starts downloading malicious programs onto their computer and most likely does more damage to it than before. So much for assistance.

asddasdasd

What’s also pretty funny is that the website is registered to some guy in Delhi, India and he used GoDaddy to register it. Malwarebytes, the organization which initially posted about this site just yesterday, reached out to GoDaddy in hopes of getting the site down.

Source

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s