• Fascinating detailed study of tech support scammers

    You know the scam: A web page tries to convince you (sometimes forcefully) that your system is infected. Getting away from that site can be very difficult. The scammers feed on naive users, frequently swindling them out of hundreds of dollars.

    In a new study from Stony Brook University, entitled “Dial One for Scam: A Large-Scale Analysis of Technical Support Scams (PDF), authors Najmeh Miramirkhani, Oleksii Starov, and Nick Nikiforakis built “an automated system capable of discovering, on a weekly basis, hundreds of phone numbers and domains operated by scammers.” They also contacted 60 different scammers and collected details about the scams.

    Here are just a few of the study’s many surprising results:

    • While 15 different telecommunication providers were used, four of them were responsible for more than 90 percent of the phone numbers used by scammers.
    • Although the average lifetime of a scam URL is approximately 11 days, 43 percent of the domains were pointing to scams for less than three days.
    • 69 percent of scam campaigns have a lifetime of less than 50 days.
    • The average call center houses 11 technical support scammers, ready to receive calls from victims.

    The study also talks about the use of Content Delivery Networks “such as CDN77, CDNsun, and KeyCDN [which] offer free services without requiring a phone number or a credit card. In addition, every uploaded scam page gets its own random-string-including URL which can not be guessed and thus cannot be preemptively blacklisted.”

    The study includes a long list of social engineering tricks that scammers use; a geographic breakdown (“85.4 percent of them were located in different regions of India, 9.7 percent were located in the U.S., and 4.9 percent were located in Costa Rica”); and a call for browser manufacturers to “adopt one universal shortcut that users can utilize when they feel threatened by a web page.”

    It’s a fascinating expose of a topic that affects all of us.