Scammers Impersonate Internet Service Providers (ISP) in Fraudulent Technical Support Campaign
Date: 24 March 2016
The purpose of this Alert is to bring attention to a fraudulent technical support campaign impersonating ISPs.
Through open source reporting, CCIRC is aware of a technical support scam that impersonates ISPs in order to convince users to give the scammers remote access to their machines and remove allegedly malicious files for a fee. The scammers identify the target’s ISP through their client IP address, and then display a legitimate looking technical support page, mimicking that of the legitimate ISP, that urges the intended victim to call for immediate assistance. Once the victim contacts the number provided, the fraudulent technician takes remote control of the machine to convince the victim that they are infected with several malicious files, and that they should make a payment to the technician to remove the allegedly malicious files. The fraudulent technician will perform simple file searches on the system in an attempt to add credibility to their activities. The scammers rely on the fact that some people may not be able to distinguish between malicious and non-malicious files. The scammers also use custom audio messages impersonating the individual victim’s ISPs, giving more credibility to the scam.
Anyone experiencing this type of behaviour should not establish contact with the number provided.
- Report the fraudulent call to the Canadian Anti-Fraud Centre at the following link http://www.antifraudcentre-centreantifraude.ca/reportincident-signalerincident/index-eng.htm.
- If the consumer has allowed remote access to their computer, then the system is likely compromised or open to further remote abuse. Affected consumers should consider reinstalling their operating system using the computers built-in back-up feature. Alternatively, take the system to a reputable computer support service to have the system reinstated to assure complete protection of their system and information.
More information on this scam can be found at the following link:
Scammers Impersonate ISPs in New Tech Support Campaign
Note to Readers
In support of Public Safety's mission to build a safe and resilient Canada, CCIRC's mandate is to help ensure the security and resilience of the vital non-federal government cyber systems that underpin Canada's national security, public safety and economic prosperity. As Canada's computer security incident response team, CCIRC is Canada's national coordination centre for the prevention and mitigation of, preparedness for, response to, and recovery from cyber incidents on non-federal government systems. It does this by providing authoritative advice and support, and coordinating information sharing and incident response.
Please note, CCIRC PGP key has recently been updated.
For general information, please contact Public Safety Canada's Public Affairs division at:
Telephone: 613-944-4875 or 1-800-830-3118
- Date modified: