When it comes to trusting online support for IT help, be careful. Here's how hackers are now posing as fake IT support sites to infect PCs. Show Notes: https://lnkd.in/epbc9f3z #WindowsError #FakeITSupport #MalwareWarning #TechSupportScam
Fake IT Support Sites Exploit Windows Error to Spread Malware | Sync Up
Transcript
When it comes to trusting online support for IT help, be careful. We'll cover how hackers are now posing as fake IT support sites to infect PCs as we sit down and sync up with Rocket IT's weekly technology update. Hello everyone, I'm Chris Swenson Technology and center here at Rocket IT and welcome to Sync Up, your new home for trending technology news. Recently, the threat response unit at eSentire discovered a series of YouTube videos and websites fraudulently promoting a fix for a common Windows error. Unfortunately, what the millions of viewers these guys have already amassed failed to realize is that the instructions guide users to download malware. Now before we get too into the details on how this scam works, let's first cover what's prompting people to seek out help. So a while back, computers with BitLocker software installed received an update. Unfortunately, this update didn't play nice with an update Microsoft had also launched within Windows, so an error occurred. Now at this point in time, this error is notoriously known as 0x80070643, which essentially means that there was an error installing a Windows Update. What's interesting here though, is that somehow during these simultaneous updates of BitLocker and Windows, Windows began displaying the incorrect error code. Instead of the error code Windows displayed, users were actually experiencing an error due to insufficient disk space within their partition. Now obviously, unless you're a trained IT professional, you'd likely assume that what Windows is telling you is the truth and you take to the web to find a quick solution. For most people, searching a walkthrough guide would be the first place they look, but as I mentioned earlier, hackers were posting deceptive videos on YouTube and fake IT support sites promising a fix. Many of those sites found by the security team at eSentire have a variation of a PC Helper wizard URL, while YouTube videos specifically named the error code in the title.
Regardless of how you get there, these guys tell users to run a PowerShell script that connects their PC to a remote server. Once connected, a malicious PowerShell script is installed. This malware can save credentials, credit card details, cookies, browsing history, cryptocurrency wallets, text files, MFA data, and even take screenshots of your desktop. All this data is then compiled into a log and sent to the hacker, fueling other attacks like ransomware. Now, if not obvious enough, the depth of this attack can span all of your accounts quite easily, so it can be pretty devastating. As a result, it's crucial to stay vigilant and verify your sources for tech support before installing any quick fixes. For businesses, contacting a trusted IT provider is likely the solution. Not only will that cut down on any potential risk of troubleshooting on your own, but the resolution time will be far quicker and less stressful. For those without IT support, Rocket IT is here to help. Simply contact us using the link in this video's description. And to stay up to date on trending technology news, hit the subscribe button and the bell to catch us on next week's episode of Sync Up with Rocket IT.