8/31/2023 0 Comments Microsoft one drive scam![]() ![]() If you are unfortunate enough to have got caught out by the support scammers and find yourself sitting in front of a locked browser with the telephone support number being your only apparent way to escape, don't panic. More often than not these support scammers are covering a number of possible payloads: remote installation of malware on your computer, stealing your credit card details or compromising your online banking login credentials. These support scam campaigns are designed to scare people into calling their fraudulent hotlines in order to gain remote access to the computer and extort a "support fee" for fixing the problem that doesn't exist. The scammers have also been changing the pages host address up to 12 times each day in order to evade detection. ![]() There are specific variations for Google Chrome, Microsoft Edge and Mozilla Firefox as well as a catch-all for any other browser client. Wang also found that the format of the pages displayed will vary depending upon the browser version being used. ![]() These HTML documents within other HTML documents are "added by setting iframe as the page's showLogin," Wang reports, "making it appear when the URL is entered." The iframe content is the authentication page URL, hence the loop which effectively freezes the browser in a seemingly inescapable lock. Rather than applying basic JavaScript coding to loop the user back to the same pop-up window, this scam does it by adding iframes. While creating a loop to a web page isn't unusual in and of itself, Wang says this campaign is different thanks to the methodology used. It urges the user to call a support number to remove the infection and prevent "further damage to our network." While such language would ordinarily be highly suspicious to most people, the scammers have employed another tactic to scare the user into believing the threat is real: freezing the web browser. The "support" window, meanwhile, claims that the computer has been infected by "a virus and a spyware" that has stolen your Facebook login, credit card details, email credentials and photos stored on the device. Clicking to cancel the authentication pop-up just loops the user back to the same page. One asks for a username and password from the user while the other suggests they telephone Microsoft for urgent technical support as the computer has now been blocked. Nothing could actually be further from the truth, of course, and the user will be faced with two pop-up windows as they arrive. At this cost, it takes a little over four months for you to get a full return on the investment compared with buying the subscription, so the risk factor isn't super high here.Thought to be using the traditional social engineering method of malvertising to distribute malicious links, the fraudsters direct potential victims to a web page that appears to be typical of a Microsoft technical support site. But versions of StackSocial's deal have been running for more than a year - the one we bought in early 2022, for instance, still works fine. To that last point: Though this is listed as a "lifetime license" - that is, the lifetime of the computer you installed it on - it's worth noting there's always a risk that Microsoft could terminate the license. And while the apps should continue to work as long as your computer does, Microsoft's support for this version of Office ends on Oct. You won't get any OneDrive Cloud Storage, nor will you get the fancy new cloud-based AI features like Microsoft Copilot. Likewise, you're passing up on other benefits you'd get as a 365 subscriber. First, this key is good only for a single computer, so you won't be able to install it on various machines in your home, and if your current computer happens to die, you could run into a snag when trying to transfer it. ![]() Now, a deal this good comes with some caveats. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |