Tech Support Scams improved with adoption of Call Optimization Service

Security experts from Symantec are warning of tech support scams abusing Call Optimization Services to insert phone numbers.

Crooks are improving their tech support scams by using Call Optimization Services that are commonly used in legitimate call center operations to perform:

• Tracking the source of inbound calls
• Creation and management of phone numbers
• Call load balancing
• Call forwarding
• Call analytics
• Call routing
• Call recording

Scammers continue to improve their techniques and now they are using the service to dynamically insert phone numbers into their scam web pages and potentially gain additional features to make their scams more successful

The scams begin when unaware victims visit a malicious website or are redirected to a bogus website in various ways such as a malvertising campaign.

“The scam web page informs the victim that the computer has been blocked due to a malware infection and tries to lure the user into calling a “toll free” number for assistance. An audio file, stating that the computer is infected, is also played in the background when the user arrives on the scam web page.” reads the analysis published by Symantec.

The pages display a list of numbers to call to fix the problem and users in panic tend to call them.

According to Symantec, crooks leverages call optimization services in order to dynamically insert phone numbers into a scam page.

“However, by using the call optimization service’s tag in the URL the scammers can dynamically insert phone numbers into their scam pages,” continues Symantec. 

“This can be useful, for example, if victims are based in multiple countries, as the victim can be shown a phone number that calls someone that speaks their language.”

Crooks can abuse Call Optimization Services in their tech support scams also for other goals, for example, to provide analytics, to implement load balancing during busy times to avoid losing calls.