Google, Facebook Unmask Tech Support Scams

Google and Facebook are finding cunning scams in which shysters advertise 800 numbers for bogus tech support that typically leads to people giving up personal data and downloading malicious software.

The companies described the schemes in the first report published by TrustInAds.org, a nonprofit group launched this week by AOL, Facebook, Google and Twitter. The organization is dedicated to educating people about malicious Web advertisements and deceptive practices.

Tech support scams were chosen for the subject of the group's debut report because of the craftiness of the fraudsters, Rob Haralson, executive director of TrustInAds.org, said Friday. Posing as a legitimate business and providing an 800 number in an online ad or related web page makes it difficult to identify the service as a scam.

"By doing it through an 800 number, it takes the scam offline, so for Google's (automated) systems and Facebook's too, it becomes a little bit more of a challenge to determine which tech support providers are legitimate and which ones are scammers," Haralson said.

Because of the difficulty in getting automated systems to detect the scams, Google will have employees call the posted numbers and pose as callers looking for tech support. Oftentimes, the numbers are to places outside the U.S.

To date, the two companies have found a total of 4,000 such scams hijacking the names of 2,400 legitimate businesses, Haralson said. The fraudulent ads typically appear in Facebook display ads and Google search results.

Scams that depend on deceptive advertising hurt the online ad industry by further tainting the reputation of a business constantly under fire by consumer advocates for gathering too much personal data.

People roped in by the scammers can lose money and have their credit ratings damaged by downloading malicious software that contains viruses, spyware, adware and keystroke loggers. The malware is typically designed to steal personal data that can be used later to impersonate the person to obtain credit, merchandise and services.

In some cases, the crooks download software that freeze the recipient's computer and then demand several hundred dollars to unlock the system, Haralson said.

"The scammer essentially holds the computer hostage," he said.

Google and Facebook use automated and manual methods to detect fraud. The Internet companies continuously check ads and the Web pages they point to in search of signs that they are part of a fraudulent operation.

Other deceptive activities TrustInAds.org plans to report on in the future include scams that promise weight loss for little or no effort, Haralson said. The group will also look at ads that try to get people to pay for content, such as government documents, that is available for free on the web.

Tags Google securitylegalonline advertisingadvertising securitytwitterFacebook security issuessecurity awarenessFacebookcybercrimemalwareGooglesecurity

Comments

Comments are now closed

CSO Corporate Partners
  • f5
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Email Security and Data Protection

Encrypt your sensitive email

Security Awareness Tip
Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.