It happens just about every day. Some slimy scammer comes up with a new way to impersonate SWCP’s renowned tech support in order to steal your data.
Here’s the latest that a customer recently received word for word (only the false tech support phone number has been obscured):
IF YOU ARE A Southwest Cyberport CUSTOMER
PLEASE READ BEFORE CONTINUING TO
it appears that your OS X computer and Firefox web browser has popup ads ENABLED and may be at a security risk.
Please call TOLL FREE to repair this now at 1-866-283-XXXX.
PLEASE FOLLOW THESE INSTRUCTIONS:
Before you use , it is strongly advised that you call to disable popup ads. You can do so by calling 1-866-283-XXXX now.
Users might be impressed by the fact that the scammers seem to know what system and browser are being used and the IP address. But it’s fairly trivial to discover those things, or the bad guys might just have guessed, and like most phishers, are just hoping to get lucky.
But there are two obvious clues (apart from poor grammar):
1) The phone number is NOT for SWCP Tech Support. While Area Code 866 is reserved for toll-free tech support and the like, why would we not use our local number (232-7992) or our own well-established long distance toll-free number (1-888-792-7966)?
2) Firefox and all other browsers block popups on the user’s own computer – it has nothing to do with server settings. SWCP has no way of telling – much less preventing – pop-ups upstream from users. Not only that, the browsers make it remarkably easy to block pop-ups, so simple instructions could be included in an email, with no need for contact:
- On the top menu, go to Tools > Options.
- Click the Content listing on the sidebar.
- On the Content page check “Block pop-up windows“
That’s it. That’s all you need do. If you want more information about pop-ups, Mozilla has more.
What is new about this particular scam is that unlike most phishing schemes, this one has no links to bogus pages which would install malware. That’s what we’ve been telling people over and over to beware of. But the jerks who designed this little phish-hook want people to call them. Doubtless the user would be connected to someone pretending to be us, who would talk the anxious individual into installing the malware for them.
The bottom line remains: Don’t Panic. Do not answer any such email, and do not call the number provided or click on any link. We do send out warnings occasionally, but if there’s any reason to contact any users, we usually do so individually by phone or email.
If you receive a dubious notice like this and are concerned, please forward the email to firstname.lastname@example.org. You’ll be doing yourself, your fellow customers, and us, a big favor.
Meanwhile, here are other postings that mention phishing: