Learning Library

← Back to Library

Support Scams Exploit July Outages

Key Points

  • In July 2024 a faulty security‑software update caused widespread outages, grounding flights, shutting banks and medical offices, and sparking public panic.
  • Scammers seized on that chaos with “support scams,” posing as helpful technicians who claim they can fix the problem while actually hijacking the victim’s system and stealing data.
  • They reach potential victims through many channels—phone calls, emails, SMS, pop‑up windows, or even mailed letters with QR codes—prompting users to contact the fraudster for assistance.
  • To protect yourself, stay aware of real‑world events, verify any support contact through official sources, avoid clicking unsolicited pop‑ups or QR codes, and treat unsolicited offers of help with extreme skepticism.

Full Transcript

# Support Scams Exploit July Outages **Source:** [https://www.youtube.com/watch?v=vem-_HljE-E](https://www.youtube.com/watch?v=vem-_HljE-E) **Duration:** 00:08:12 ## Summary - In July 2024 a faulty security‑software update caused widespread outages, grounding flights, shutting banks and medical offices, and sparking public panic. - Scammers seized on that chaos with “support scams,” posing as helpful technicians who claim they can fix the problem while actually hijacking the victim’s system and stealing data. - They reach potential victims through many channels—phone calls, emails, SMS, pop‑up windows, or even mailed letters with QR codes—prompting users to contact the fraudster for assistance. - To protect yourself, stay aware of real‑world events, verify any support contact through official sources, avoid clicking unsolicited pop‑ups or QR codes, and treat unsolicited offers of help with extreme skepticism. ## Sections - [00:00:00](https://www.youtube.com/watch?v=vem-_HljE-E&t=0s) **Support Scams Exploit Outages** - The segment explains how fraudsters leverage real-world disruptions—like the July 2024 security‑software failure—to pose as help desks, hijack computers, and steal data, and it outlines steps to protect against such scams. ## Full Transcript
0:00thousands of flights cancelled doctor's 0:03offices shut down Banks unable to 0:06transact business people can't even take 0:08their money out all of that happened in 0:11July of 2024 as a result of a widely 0:15distributed bad piece of security 0:17software there was an update and it 0:19caused massive outages well that was bad 0:23enough but then like ants to a picnic 0:25here come the scammers and they're 0:27feeding on people's fear uncertainty and 0:30out in order to conduct what is known as 0:33a support scam they say they're there to 0:35help help resolve this issue and get 0:37things back and operational again in 0:39fact what they're there to do is take 0:41over your system and steal your data 0:44what can we do about support scams in 0:46this video I'm going to take a look at 0:47what they are how they work and what you 0:49can do to guard against them so how does 0:51a support scam work well it starts in 0:55truth so we start with an actual thing 0:57that really happened so for instance as 0:59I mentioned in the beginning uh there 1:01might be let's say security software 1:04that we happen to know had some major 1:07outage or let's say there's a major data 1:09breach uh for instance one of the Telos 1:12recently had one of those and lots of 1:14people's information was compromised in 1:17that uh it could be your favorite 1:19operating system and uh the technical 1:23support related to that uh so the and 1:26then these things are all sort of it 1:29related things but think larger because 1:32there could also be natural disasters 1:34and things of that sort so uh maybe a 1:37tidal wave and earthquake uh famine uh 1:40any of those kinds of things so 1:42something that really in fact happened 1:44this happened there was news that was 1:47made and this soft target heard about 1:50that news that's already in the 1:52background now the scammer comes in to 1:55exploit that now how are they going to 1:57exploit what really happened to their 2:00advantage well the way they're going to 2:01do it is they're going to contact the 2:04victim and they could do it a lot of 2:05different ways they might do it with 2:07just as direct a thing as doing a phone 2:10call with the person they could do it 2:13through an email they could do it 2:15through an SMS message they could do it 2:18through a popup that occurs on the 2:20victim's system because maybe they've 2:23already gotten some software on that 2:24system and now they can control the 2:26system at least to that extent so they 2:28put up the pop-up message it says you 2:30know you've got an issue here and now 2:32you need to to fix this and when you 2:34click on this then call us so sometimes 2:38they put something up that makes the 2:39victim call the bad guy so it could 2:42happen either way it could even be in a 2:45snail mail something as low Tech as that 2:47how would that be you send a letter out 2:50you put in a QR code and say if you need 2:53support uh click on this QR code scan 2:56the QR code and then follow the website 2:58which then leads us back to this person 3:00so lots of different vectors of getting 3:02some sort of communication between the 3:04bad guy who's going to exploit this and 3:06the good guy who knows about the issue 3:08but doesn't really understand all the 3:11details of it what he's going to say is 3:14I am let's say tech support and we found 3:17a problem on your system and we need to 3:20help you fix that so you need to do the 3:23following things for instance in many 3:25cases they're going to tell you here's 3:26some special software that we need you 3:28to download onto your system in order to 3:30disinfect the virus to take care of that 3:33what have you and this thing is not 3:36going to help it's what we know as a 3:38remote access Trojan it's software that 3:42once it's downloaded gives this guy 3:44complete control over his system he can 3:47see all the data that's on there he can 3:49erase it he can make copies of it uh he 3:52has complete control at that point so in 3:54other words all of the good stuff on 3:55this guy's system now essentially 3:58belongs to him uh there are a lot of 4:00other different versions of this as well 4:03where one of these things somebody says 4:05the natural disaster okay what we're 4:07raising money for this particular cause 4:09or that thing wouldn't you like to 4:11contribute here's a website go there and 4:14contribute and in fact where you're 4:16doing is sending your money to that guy 4:19not to the legitimate ones so in other 4:21words this guy capitalizes on something 4:23that really happened it again 4:26capitalizes on the fear uncertainty and 4:28doubt of a real world World incident and 4:31that makes this person a soft target 4:33okay I've talked about the problem what 4:35am I recommending that you do the best 4:38thing the best prescription against this 4:41is skepticism you've got to be skeptical 4:43and not believe every single thing you 4:46hear or receive or phone call that you 4:48get or anything of that sort you've got 4:50to wonder about these things and 4:52hopefully you will now that you see what 4:54what is happening and what's possible 4:56for instance your operating system ERS 5:00tech support people are not going to 5:01cold call you out of the clear blue 5:04they're not going to do that they're not 5:05going to say we've been looking at your 5:07system and we see that there's something 5:08going on with it okay just hang up at 5:11that point also the IRS is not going to 5:13call you directly and tell you that 5:16you've got back taxes to pay they will 5:18contact you through other means first I 5:20have that on good authority hearing it 5:22directly from a director at the IRS at a 5:24recent security conference I attended so 5:27be skeptical about these cases where 5:29they're making the contact to you first 5:32then if you do get one of those emails 5:34or phone calls or anything like that 5:36let's say it's a phone call and they 5:38claimed to be one of these organizations 5:41and you're not sure well guess what look 5:43it 5:44up in other words say you know what if 5:47you're really with this organization 5:49fine tell me your name your employee 5:51number I'm going to hang up I'm going to 5:53call that organization and see if in 5:56fact this is legitimate and when you do 5:58the call up you look it up on your own 6:01don't take the the phone number that was 6:03in the email that was sent to you go to 6:07your own search engine and look it up 6:09that way then make the call then make 6:12the contact so that way you've done 6:15verification don't just trust what you 6:17got also you want to patch your systems 6:20keep them up to date with the latest 6:22security software that's going to make 6:24it harder for the bad guy to implant 6:25that rat that remote access Trojan that 6:28I mentioned to you or a lot of these 6:30other kinds of things where the popups 6:31start coming and you don't know why and 6:33the pop-ups are saying you're infected 6:35with malware well in fact a lot of those 6:37popups are in fact the malware itself 6:40that is then trying to get you deeper 6:42down the hole so if your system is 6:44patched it's harder for them to 6:46establish that kind of beach head into 6:48your systems also maintain good backups 6:52you want to make sure that whatever 6:54information you have that's sensitive 6:56you've got multiple copies of it maybe 6:58one copy in the cloud another copy on a 7:01local uh dis drive device of some sort 7:04so that you can go to either one as 7:07necessary and then if you do keep 7:09getting those popup messages telling you 7:12you you've been infected you need to do 7:13this you need to call this number you 7:15need to whatever uh just do this reboot 7:18your system that may not fix all of them 7:21but it'll fix a lot of them because 7:23those things are not always uh 7:25persistent across a reboot if it is 7:28persistent and you reboot and it still 7:30is there well then what you could do is 7:32reboot into safe mode and then from 7:35there after you've already downloaded 7:37one of the uh reliable malware scanners 7:41use it to scan your system and disinfect 7:44it from anything that way when you 7:46reboot again you'll come up clean and 7:49then ultimately after you've done all of 7:51these things make sure to pass the 7:53learnings on to others help others tell 7:56your parents your grandparents your kids 7:58your friends make sure they know that 8:01these kinds of things can happen and 8:02this is what they need to be doing about 8:04it in fact send them this video that way 8:07they'll be protected just like you are