A new trend, which was also pointed out in our Q1 cybercrime report, is the combination of PUPs and Tech Support Scams. Most of these PUPs are so-called system optimizers. This is worrying as the damage done by PUPs was limited or we would have marked them as malware. By adding Tech Support Scams to their portfolio the possible damages have increased considerably.
How are system optimizers combining the two?
The easiest way to spot this connection is by looking at the use of telephone numbers in the GUI of system optimizers. Get this straight, we’re not saying that every company that does this is actively out to scam its customers, but the increase of telephone numbers on applications that were installed by bundlers has been notable. And, let’s face it: why would I want to call a company that puts their software on my computer without my consent? Oh well, besides to yell at them.
But the people that make those calls in good faith, do end up paying for the potentially unwanted programs and anything else the scammers manage to sell them.
For example when one of our investigators called the number showing on the PUP working under the name “Registry Scanner” which hails from the domain lishbos[.]com –
— he was sold a two-year subscription to a “Gold Offer” from epicsofts[.]com for the amount of $99 and the remote support technician downloaded yet another “System Cleanup” utility to his system.
Of course, that utility turned out to be yet another PUP.
Related posts
- Report: the anatomy of tech support scams
- The hunt for tech support scammers
- Tech Support Scams – Help & Resource Page
“>
Pieter Arntz