The Central Bureau of Investigation, India's federal enforcement agency, recently conducted a series of criminal raids against illegal call centers across the country in an attempt to clamp down on tech support fraud.
These raids were the result of a joint referral made by Microsoft and Amazon - the first time both companies have joined forces to combat tech support fraud.
Tech support fraud is a major problem that impacts a wide variety of industries.
According to the U.S. FBI, tech/customer support and government impersonation have cost victims over $1 billion in losses.
The illegal call centers raided by the CBI were set up to impersonate Microsoft and Amazon customer support, targeting more than 2,000 customers across the US, Canada, Germany, Australia, Spain, and the UK. Read on to learn more about this threat and how the cybersecurity industry can join forces with government entities to raise the bar on collective defense against tech support fraud and other emergent threats.
Understanding Tech Support Fraud At its core, tech support fraud involves scammers who use scare tactics to trick victims into unnecessary technical support services.
Sometimes fraudsters will call their victims directly and impersonate representatives of a tech company, asking them to pay to fix a nonexistent device or software problem.
Threat groups use a variety of tactics to make these purported issues appear more realistic.
They can spoof caller IDs to display a legitimate support phone number from a trusted company or populate websites with fake error messages.
Security teams should monitor the latest threat intelligence and update users on current threat vectors, such as unsolicited offers of support; suspicious payment methods, like Bitcoin or gift cards; or instructions to download third-party software that doesn't originate from trusted security companies.
On the proactive side, Microsoft's Digital Crimes Unit is working to combat tech support scams by investigating tech support fraud networks and referring cases to law enforcement as appropriate.
We update our products and services with the latest threat intelligence to better protect consumers from various fraudulent tactics and provide guidance and resources on how to identify, avoid, and report suspicious activity.
Supporting Collective Defense Through Greater Collaboration The CBI's raid is an excellent, real-life example of the impact that security companies and law enforcement can have when they work together to advance collective defense by sharing intelligence and resources.
Cyber threats are ever-evolving, so trusted relationships and collaboration are necessary to improve collective knowledge, drive resilience, and mitigate global security risks.
There is a vast amount of cybercrime intelligence and data at our fingertips, but many companies cannot fully use this information due to the fragmented nature of cybersecurity.
In June 2022, the World Economic Forum launched the Cybercrime Atlas initiative, with support from companies including Microsoft, Fortinet, PayPal, and Santander Group.
The initiative takes a global collaborative approach to gather human-vetted open source intelligence from sectors such as finance, technology, telecommunications, cybersecurity, and cloud providers.
The Cybercrime Atlas specifically focuses on cyber-enabled and cyber-dependent crimes, such as business email compromise, credit card fraud, malware, and ransomware.
Although still a new initiative, the Cybercrime Atlas will create a standardized and scalable model for open source intelligence research.
This contextualized intelligence enables security teams to identify connections among cybercriminals, threat groups, and shared infrastructure.
This Cyber News was published on www.darkreading.com. Publication date: Wed, 06 Dec 2023 14:00:07 +0000