Microsoft warns of new tech support scams that use phishing tactics

The company recently posted a related warning on its Windows Security blog. From that post:

The said spam emails use social engineering techniques — spoofing brands, pretending to be legitimate communications, disguising malicious URLs — employed by phishers to get recipients to click suspicious links … However, instead of pointing to phishing sites designed to steal credentials, the links lead to tech support scam websites, which use various scare tactics to trick users into calling hotlines and paying for unnecessary "technical support services" that supposedly fix contrived device, platform, or software problems.

Fake Amazon order cancellation email, in which the order number is a suspicious link.

Fake Amazon order cancellation email, in which the order number is a suspicious link.

The concept isn't new, but the means (getting people to panic and pursue tech support) to the end (stealing innocent victims' money) is slightly different.

People who use Microsoft Exchange Online Protection (EOP) for Office 365 and Outlook.com are protected from the ploy, because anti-spam filters in those products identified characteristics of phishing emails and blocked the dangerous messages, according to Microsoft. And the company's Edge browser can also block pop-up boxes and or dialog loops created by tech support scam websites, Microsoft says.

The company also says three million online users encounter tech support scams every month, though these new phishing-type ploys appear to be new and could increase that number.

Al Sacco

Al Sacco is content director of Future PLC's Mobile Technology Vertical, which includes AndroidCentral.com, iMore.com and WindowsCentral.com. He is a veteran reporter, writer, reviewer and editor who has professionally covered and evaluated IT and mobile technology, and countless associated gadgets and accessories, for more than a decade. You can keep up with Al on Twitter and Instagram.