Cisco Blogs

Cisco Blog > Threat Research

Reverse Social Engineering Tech Support Scammers

This post is authored by Jaime Filson and Dave Liebenberg.


A mosaic made up of 1-800 tech support scam websites

The amount of fraudulent actors masquerading as legitimate tech support has been on the rise since 2008. According to David Finn, executive director at the Microsoft Cybercrime Center, tech support scammers have made nearly $1.5 billion off of 3.3 million unwitting victims just this year. These scammers typically convince the victim into allowing them access to his/her computer through remote control applications such as TeamViewer. They then present benign processes as malicious, or at times even spread malware themselves. Afterwards, they charge hundreds of dollars for the service.

There are several avenues through which these scammers reach their victims. One of the most insidious are pop-ups and websites asserting that the user’s computer is riddled with viruses, and that the only way to fix the problem is to call a provided tech support number.

Talos has been monitoring the incessant creation of these fake tech support websites in order to better understand the way in which these scams operate. We decided to call a company ourselves for some reverse social engineering. Our experiment provided some interesting insights into the methods these scammers use to fool their victims as well as the infrastructure supporting their operations. In addition, we discovered a broad New Delhi-based scamming network employing multiple websites and VOIP phone numbers to carry out their duplicitous activities.


Tags: , , , , , ,

Get Your WLAN Ready for Google Android L and Apple iOS 8

This fall your wireless networks will experience many devices upgrading to the new Android 5.0(L-release) and Apple iOS 8 releases (cue: IT managers groan). There have now been many blogs attempting to capture the enhancements expected with these releases. Today I am going to focus on describing how Android L and iOS 8 may affect customers deploying Cisco enterprise grade Wi-Fi networks based upon our research and testing of the Apple seed. Our verdict: Carry on with business as usual.

Here are four features we predict will have the most impact your networks:

1. Chromecast and Google Cast Enhancements (Android L)

Rishi Chandra, the Director of Chromecast Product Management announced that, starting with the Android L release, users have the ability to cast to your neighboring devices such as a TV without having to connect to your Wi-Fi network. In the demo, a phone used the cellular connection to connect to chromecast through the cloud. A variety of techniques are used to authenticate the users in the same room OR use a pin-code as an alternative. Users can Google Cast an ecosystem of applications or even their own applications over any Android or iOS device as well as Cloud based apps on Chrome.

Predicted Impact: Given that this feature works transparently to the Wi-Fi, it is expected that there is no impact on the WLAN in your classrooms or dorm rooms or auditoriums where this will most likely be used.

2. Peer-to-peer AirPlay discovery and playback (iOS 8)

Starting with the iOS 7.1 release, AirPlay devices will discover an AppleTV via the bluetooth network. Users could also secure their AppleTV via a 4 digit pin-code. With the iOS 8 release, Airplay devices can also mirror their content via Airdrop. This feature offers an alternative method for customers to discover and mirroring of Bonjour traffic without accessing the corporate Wi-Fi network.

Predicted Impact: Again this feature operates transparent to the Wi-Fi and therefore customers using this feature should not see any impact on the WLAN. Cisco wireless customers also have the ability to use the Service Discovery Gateway on Cisco IOS based switches, routers or wireless LAN controllers or the Bonjour Services Directory on AireOS controllers. Read More »

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Apple iOS 8 and MAC Randomization: What It means for Cisco’s Connected Mobile Experiences (CMX) Solution

As you may have read, Apple’s iOS 8 will come with some changes to the way MAC addresses are exposed in Wi-Fi probe requests. Apple’s intent was to provide an additional layer of privacy for consumers and target those companies that offer analytics without providing any value to the end consumer. We’ve been getting some questions about what this means and how it impacts our Connected Mobile Experiences (CMX)  solution, so we wanted to clear this up for our customers.

What does this mean for you? 

First and foremost, Cisco has always been dedicated to privacy for our customers and their end-users. There are four aspects of privacy that are built into our CMX solution:

1. Anonymous Aggregate Information: All analytics are based on aggregate, anonymized location data.

2. Permission-based: Users have to opt-in to join a Wi-Fi network or download an app

3. MAC Address Hash: Users’ MAC addresses can be hashed before exposing to 3rd party apps

4. Opt Out: End-users are always presented with the option to opt out of location-based services

The true value of CMX analytics for organizations is in aggregate location data to be used for business analysis to improve the customer experience for end-users. Providing customers with high performing Wi-Fi not only keeps always-on mobile users happy and opens the doors to delighting customers with more personalized experiences, but also helps provide more granularity to those aggregate trends to feed back into the experience creation machine. Win-win.

What does this mean for our CMX value proposition? Read More »

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

How Does Enterprise IT Respond to Consumerization? To Mac, BYOD, and Whatever Comes Next?

There’s a new force changing the way Cisco IT operates, the way we plan and develop new services, and the way we support our employees. Consumerization is showing us how to help our employees to be more productive and more satisfied – if we can learn to listen and respond. Read More »

Tags: , , , , , , , , , , , ,

IT Mobility Social Support Leads to Reduced Costs

Cisco IT’s Bring Your Own Device (BYOD) program allows employees to be most productive on whatever device they choose.  Whether it’s an iPhone, iPad, Android, Mac or PC they can connect to the Cisco internal network easily, but that’s not what this blog is about, if you’re interested in that initiative click here and here. This blog is about how adding a social layer, specifically Cisco WebEx Social, resulted in an improved user experience and reduced caseload and therefore avoided cost.  Personally, I’d like to say the easy onboarding of devices has caused me less wrinkles, but I’ve yet to find a quantitative way to prove that hypothesis true, so let’s stick to the facts:

  • In November 2010, Cisco IT had 4,566 cases per 33,354 devices or about 0.14 Cases/Device
  • In October 2011, Cisco IT had 3,921 cases per 48,530 devices or about 0.08 Cases/Device
  • Cisco IT has had a 52% increase in devices and 16% more users

Read More »

Tags: , , , , , , , , , , , , , , , , , , , , , ,