Support Scams Exploit July Outages
Key Points
- In July 2024 a faulty security‑software update caused widespread outages, grounding flights, shutting banks and medical offices, and sparking public panic.
- Scammers seized on that chaos with “support scams,” posing as helpful technicians who claim they can fix the problem while actually hijacking the victim’s system and stealing data.
- They reach potential victims through many channels—phone calls, emails, SMS, pop‑up windows, or even mailed letters with QR codes—prompting users to contact the fraudster for assistance.
- To protect yourself, stay aware of real‑world events, verify any support contact through official sources, avoid clicking unsolicited pop‑ups or QR codes, and treat unsolicited offers of help with extreme skepticism.
Full Transcript
# Support Scams Exploit July Outages **Source:** [https://www.youtube.com/watch?v=vem-_HljE-E](https://www.youtube.com/watch?v=vem-_HljE-E) **Duration:** 00:08:12 ## Summary - In July 2024 a faulty security‑software update caused widespread outages, grounding flights, shutting banks and medical offices, and sparking public panic. - Scammers seized on that chaos with “support scams,” posing as helpful technicians who claim they can fix the problem while actually hijacking the victim’s system and stealing data. - They reach potential victims through many channels—phone calls, emails, SMS, pop‑up windows, or even mailed letters with QR codes—prompting users to contact the fraudster for assistance. - To protect yourself, stay aware of real‑world events, verify any support contact through official sources, avoid clicking unsolicited pop‑ups or QR codes, and treat unsolicited offers of help with extreme skepticism. ## Sections - [00:00:00](https://www.youtube.com/watch?v=vem-_HljE-E&t=0s) **Support Scams Exploit Outages** - The segment explains how fraudsters leverage real-world disruptions—like the July 2024 security‑software failure—to pose as help desks, hijack computers, and steal data, and it outlines steps to protect against such scams. ## Full Transcript
thousands of flights cancelled doctor's
offices shut down Banks unable to
transact business people can't even take
their money out all of that happened in
July of 2024 as a result of a widely
distributed bad piece of security
software there was an update and it
caused massive outages well that was bad
enough but then like ants to a picnic
here come the scammers and they're
feeding on people's fear uncertainty and
out in order to conduct what is known as
a support scam they say they're there to
help help resolve this issue and get
things back and operational again in
fact what they're there to do is take
over your system and steal your data
what can we do about support scams in
this video I'm going to take a look at
what they are how they work and what you
can do to guard against them so how does
a support scam work well it starts in
truth so we start with an actual thing
that really happened so for instance as
I mentioned in the beginning uh there
might be let's say security software
that we happen to know had some major
outage or let's say there's a major data
breach uh for instance one of the Telos
recently had one of those and lots of
people's information was compromised in
that uh it could be your favorite
operating system and uh the technical
support related to that uh so the and
then these things are all sort of it
related things but think larger because
there could also be natural disasters
and things of that sort so uh maybe a
tidal wave and earthquake uh famine uh
any of those kinds of things so
something that really in fact happened
this happened there was news that was
made and this soft target heard about
that news that's already in the
background now the scammer comes in to
exploit that now how are they going to
exploit what really happened to their
advantage well the way they're going to
do it is they're going to contact the
victim and they could do it a lot of
different ways they might do it with
just as direct a thing as doing a phone
call with the person they could do it
through an email they could do it
through an SMS message they could do it
through a popup that occurs on the
victim's system because maybe they've
already gotten some software on that
system and now they can control the
system at least to that extent so they
put up the pop-up message it says you
know you've got an issue here and now
you need to to fix this and when you
click on this then call us so sometimes
they put something up that makes the
victim call the bad guy so it could
happen either way it could even be in a
snail mail something as low Tech as that
how would that be you send a letter out
you put in a QR code and say if you need
support uh click on this QR code scan
the QR code and then follow the website
which then leads us back to this person
so lots of different vectors of getting
some sort of communication between the
bad guy who's going to exploit this and
the good guy who knows about the issue
but doesn't really understand all the
details of it what he's going to say is
I am let's say tech support and we found
a problem on your system and we need to
help you fix that so you need to do the
following things for instance in many
cases they're going to tell you here's
some special software that we need you
to download onto your system in order to
disinfect the virus to take care of that
what have you and this thing is not
going to help it's what we know as a
remote access Trojan it's software that
once it's downloaded gives this guy
complete control over his system he can
see all the data that's on there he can
erase it he can make copies of it uh he
has complete control at that point so in
other words all of the good stuff on
this guy's system now essentially
belongs to him uh there are a lot of
other different versions of this as well
where one of these things somebody says
the natural disaster okay what we're
raising money for this particular cause
or that thing wouldn't you like to
contribute here's a website go there and
contribute and in fact where you're
doing is sending your money to that guy
not to the legitimate ones so in other
words this guy capitalizes on something
that really happened it again
capitalizes on the fear uncertainty and
doubt of a real world World incident and
that makes this person a soft target
okay I've talked about the problem what
am I recommending that you do the best
thing the best prescription against this
is skepticism you've got to be skeptical
and not believe every single thing you
hear or receive or phone call that you
get or anything of that sort you've got
to wonder about these things and
hopefully you will now that you see what
what is happening and what's possible
for instance your operating system ERS
tech support people are not going to
cold call you out of the clear blue
they're not going to do that they're not
going to say we've been looking at your
system and we see that there's something
going on with it okay just hang up at
that point also the IRS is not going to
call you directly and tell you that
you've got back taxes to pay they will
contact you through other means first I
have that on good authority hearing it
directly from a director at the IRS at a
recent security conference I attended so
be skeptical about these cases where
they're making the contact to you first
then if you do get one of those emails
or phone calls or anything like that
let's say it's a phone call and they
claimed to be one of these organizations
and you're not sure well guess what look
it
up in other words say you know what if
you're really with this organization
fine tell me your name your employee
number I'm going to hang up I'm going to
call that organization and see if in
fact this is legitimate and when you do
the call up you look it up on your own
don't take the the phone number that was
in the email that was sent to you go to
your own search engine and look it up
that way then make the call then make
the contact so that way you've done
verification don't just trust what you
got also you want to patch your systems
keep them up to date with the latest
security software that's going to make
it harder for the bad guy to implant
that rat that remote access Trojan that
I mentioned to you or a lot of these
other kinds of things where the popups
start coming and you don't know why and
the pop-ups are saying you're infected
with malware well in fact a lot of those
popups are in fact the malware itself
that is then trying to get you deeper
down the hole so if your system is
patched it's harder for them to
establish that kind of beach head into
your systems also maintain good backups
you want to make sure that whatever
information you have that's sensitive
you've got multiple copies of it maybe
one copy in the cloud another copy on a
local uh dis drive device of some sort
so that you can go to either one as
necessary and then if you do keep
getting those popup messages telling you
you you've been infected you need to do
this you need to call this number you
need to whatever uh just do this reboot
your system that may not fix all of them
but it'll fix a lot of them because
those things are not always uh
persistent across a reboot if it is
persistent and you reboot and it still
is there well then what you could do is
reboot into safe mode and then from
there after you've already downloaded
one of the uh reliable malware scanners
use it to scan your system and disinfect
it from anything that way when you
reboot again you'll come up clean and
then ultimately after you've done all of
these things make sure to pass the
learnings on to others help others tell
your parents your grandparents your kids
your friends make sure they know that
these kinds of things can happen and
this is what they need to be doing about
it in fact send them this video that way
they'll be protected just like you are