Online criminals meanwhile have long used mass email to spread links to bogus online bank and email login pages to phish credentials.
Tech support scammers are now using nearly identical techniques, sending emails purportedly from well-known brands such as LinkedIn, Alibaba, and Amazon. The email pretends to be an invoice, canceled order, or social media message that contains dodgy links hidden in seemingly harmless text.
"However, instead of pointing to phishing sites designed to steal credentials, the links lead to tech support scam websites, which use various scare tactics to trick users into calling hotlines and paying for unnecessary 'technical support services' that supposedly fix contrived device, platform, or software problems," explain Microsoft malware protection researchers Alden Pornasdoro, Jeong Mun, Barak Shein, and Eric Avena.
The links in the email generally point to a compromised website that, as with existing tactics, automatically redirects visitors to the scam site. Once there, visitors face a range of social engineering techniques, such as bogus security alert popups, to convince them to call the fake support call center.
One advantage of using phishing email, as Microsoft notes, is that it allows scammers to cast a wider net in addition to existing tactics.
Microsoft's data indicates that three million users each month are exposed to tech-support scams, with most of those affected coming from wealthier nations including the US, UK, Canada, Australia, France, and Spain.
The most widespread tech-support scam malware is known as TechBrolo, which Microsoft calls "support-scam malware on steroids", thanks to its use of a looping dialog box that effectively locks the browser, and an audio file that describes the supposed problem and urges the user to call a support number.
Microsoft notes Windows 10, Outlook.com, Edge, and Exchange Online Protection have a number of features that combine to block tech-support scams and threats targeting the inbox.
Edge can also stop dialog loops by allowing the user to prevent a specific page from creating more pages. Microsoft is also working on a feature for Edge that allows the user to close the browser or specific tabs when this is a popup or dialog message.