Microsoft warns its Quick Assist app could expose Windows and macOS users to AI-driven tech support scams and "scareware"

News
By published

While Microsoft is deploying countermeasures against scams, it still recommends internal alternatives, like Remote Help.

Anonymous computer hacker in white mask and hoodie. Obscured dark face using laptop computer for cyber attack and calling on cellphone
Hackers are adopting voice cloning and other sophisticated AI-powered techniques for fraud. (Image credit: Getty Images | Witthaya Prasongsin)

Recently, Microsoft issued a stern warning to Windows and Mac users to refrain from using the Quick Assist app on their PCs and devices. Per the company's own report, bad actors are leveraging AI tricks to gain unauthorized remote access, and by extension, steal personal information and various credentials (via Forbes).

Ever since generative AI burst into the world, the technology has gained broad adoption across medicine, education, entertainment, and computing. And while it has proven to be an invaluable resource, there are critical security and privacy concerns as "hackers" harness the tech.

For context, Quick Assist works on Windows or macOS devices for remote access to devices. "Tech support scammers often pretend to be legitimate IT support from well-known companies and use social engineering tactics to gain the trust of their targets," added Microsoft.

"They then attempt to employ tools like Quick Assist to connect to the target’s device.”

Microsoft says the broad availability of AI is "making it easier and cheaper to generate believable content for cyberattacks at an increasingly rapid rate." It further detailed how attackers are camouflaging their illicit attacks with AI and masquerading them to unsuspecting users as "tech support," making it even more difficult to decipher the real deal from scams for inexperienced users.

The sophisticated attacks include "scareware", which often leverages popups or images mimicking a faulty device notification requiring immediate action. Interestingly, the Federal Bureau of Investigation (FBI) indicated that in most cases, unsolicited tech support calls are often linked to scams and fraud.

Microsoft and Google have confirmed that they'll never reach out to their clients directly to inform them about a fault and request help to fix it. “Legitimate customer, security, or tech support companies will not initiate unsolicited contact with individuals,” the FBI added.

To that end, users are encouraged to avoid installing apps that grant remote access to their devices. If they do, it's paramount to initiate a support call through publicly available channels or directly from the OS installed on their device, and stick to trusted internal remote access apps like Remote Help within their companies.

While the report confirmed that Quick Assist hasn't been compromised by these sophisticated AI ploys, abuse of software by bad actors places Microsoft in a tough spot with areas of risk that it's currently trying to mitigate.

CATEGORIES
Kevin Okemwa
Kevin Okemwa
Contributor

Kevin Okemwa is a seasoned tech journalist based in Nairobi, Kenya with lots of experience covering the latest trends and developments in the industry at Windows Central. With a passion for innovation and a keen eye for detail, he has written for leading publications such as OnMSFT, MakeUseOf, and Windows Report, providing insightful analysis and breaking news on everything revolving around the Microsoft ecosystem. While AFK and not busy following the ever-emerging trends in tech, you can find him exploring the world or listening to music.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.