Urgent: Don’t Fall for the ISP Malware Warning Scam

We’ve written in the past about phone scams where a criminal poses as a representative from Microsoft Support, Verizon, or even NCTC and asks for credit card payment to perform some necessary maintenance on someone’s computer. Thankfully, increased education on cybersecurity has raised consumer awareness of scams like these, but criminals have gotten even smarter at figuring out ways to steal your information.

Just in the last couple of weeks, we’ve seen multiple instances of a new, even trickier variation on this scam, and have received reports of it from others.

 

How the ISP Malware Warning Scam Works

This phishing scheme is particularly tricky because it combines high-tech elements with a relatively low-tech social interaction over the phone. Here’s how it works:

  • Fraudsters cause pop-up windows to appear in a user’s web browser that are disguised as notices from that user’s internet service provider (ISP).
  • These notices claim that the ISP (e.g., AT&T, Comcast, or NCTC) has detected malware on the user’s computer and prompt the user to call a “support” phone number to get assistance.
  • If the user makes the call, they end up talking to a fraudster posing as a technician, wanting to help get rid of the malware.
  • The “technician” asks for the user’s credit card information.

How Criminals Target Users

The criminals behind this scam figure out the user’s ISP and display the pop-up window by exploiting vulnerabilities in advertising platforms that put ads on perfectly legitimate websites. By placing “bad” ads on normal websites, the criminals are able to infect users with a malware program that figures out their ISP and displays the pop-up claiming to be from that ISP.

What to Do If You’ve Responded to a Scam

If you think you might have downloaded malware from a scam site or allowed a cyber criminal to access your computer, don’t panic. Instead:

  • Get rid of malware. Update or download legitimate security software and scan your computer. Delete anything it identifies as a problem. 
  • Change any passwords that you gave out. If you use these passwords for other accounts, change them on those accounts, too.
  • If you paid for bogus services with a credit card, call your credit card provider and ask to reverse the charges. Check your statements for any other charges you didn’t make, and ask to reverse those, too.
  • If you believe that someone may have accessed your personal or financial information, visit the FTC’s identity theft website. You can minimize your risk of further damage and repair any problems already in place.
  • File a complaint with the FTC at gov/complaint.

Phishing Scam Targets NCTC Online Customers


NCTC – North Central has been made aware of a new phishing scam targeting NCTC customers. This scam attempts to lure customers to a fraudulent website to input personal information and/or download virus-infected programs.

NCTC will never ask for personal or account information by email.
If you receive an e-mail similar to the one below (the content may vary slightly), you should DELETE IT IMMEDIATELY.

DO NOT:
• Respond to the email in any way
• Click any links
• Open any attachment
• Provide any data to any web sites mentioned

Example of the latest phishing scam targeting NCTC customers
This was a pop-up that appeared on an NCTC customer’s computer screen.
NCTC does not use pop-ups.
This appears to be from NCTC, but the small print at the bottom actually says that it is not affiliated with NCTC.

Examples of earlier phishing scams targeting NCTC customers: