How does fake antivirus vishing scam work?

A new security threat was detected by IT security services specialists. According to a report by the West Virginia Attorney General, citizens must remain vigilant not to fall into the new vishing campaign designed by cybercriminals.

Prosecutor Patrick Morrisey says his office has received more than 100 calls from consumers across the state reporting the new scam. Apparently, it all starts with a voice message; caller demands a payment of up to $400 USD for the alleged purchase of antivirus software.

These calls usually involve the use of recorded messages, mentioning experts in IT security services. According to the reports, the attackers mention: “We inform you that we have renewed your antivirus service for the next year for $399 USD; the charge will be reflected in 24 hours. If you would like to cancel and receive a refund, please call 1-213-288-7257.”

If users call the number provided, the call is answered by an alleged representative of the security company, who will try to get the user to make a payment using their credit card. In addition, suspected scammers may also try to access the victim’s computer in case they refuse to make the payment, citing a software update.

Other versions of the scam involve alleged representatives of an unknown technology company claiming payment for services not requested by the user, as mentioned by IT security services specialists.

“Consumers should be careful if they receive one of these calls, especially if they are not familiar with the issue that scammers deal with,” the prosecutor says. Morrisey also recommends users try to identify warning signs when receiving these calls: “Sometimes hackers use machines to not use their voices, choose unusual words, or make mistakes in language usage; the most important thing is not to believe their stories and not send them money under any circumstances.”

Consumers should also protect their sensitive information, such as passwords, WiFi network information, and financial information, mentions the tax alert. If users believe they have fallen victim to this scam, they should contact their bank and reset their passwords as soon as possible, in addition to verifying their recent online activity.

For further reports on vulnerabilities, exploits, malware variants and computer security risks, it is recommended to enter the website of the International Institute of Cyber Security (IICS), as well as the official platforms of technology companies.