印度、微軟及Amazon攜手破獲技術支援詐騙活動
印度當地詐騙組織5年來利用微軟與Amazon技術支援服務的名義,向受害者要求支付高昂的服務費用,或透過遠端存取方式在受害者電腦植入惡意程式,導致這二家科技大廠在美國、加拿大等6國超過2千名用戶受害
2023-10-20發表
印度的中央調查局(Central Bureau Investigation,CBI)、微軟與Amazon周四(10/19)宣布,它們已聯手破獲了位於印度的技術支援詐騙活動,此一被CBI命名為Chakra-II的掃盪行動涉及了5個案件,總計搜索了76個地點,扣押了許多的手機、電腦、伺服器、SIM卡、硬碟、電子郵件,也凍結了多個銀行帳戶。
根據CBI的說明,這些詐騙份子偽裝成全球IT大廠(微軟)與交易平臺(Amazon),於印度五個州經營多個客服中心,宣稱自己是這兩大品牌的技術支援人員,且時間長達5年。他們可能透過網頁上跳出的訊息來謊稱受害者的系統有問題,並提供免付費電話,在受害者主動聯繫之後,他們就會要求自遠端存取受害者電腦以協助檢查,再宣稱系統的確有問題,進而要求受害者支付高昂的服務費用,或是於系統上真的植入惡意程式、勒索軟體,甚至是竊取受害者的金融資訊。
雖然這些詐騙的客服中心設在印度,但受害者卻主要位於美國,另也有加拿大、德國、澳洲、西班牙及英國的微軟及Amazon用戶受害,受害人數超過2,000人。根據美國聯邦調查局(FBI)的統計,2022年因技術支援詐騙而損失的金額超過10億美元。
微軟與Amazon針對相關詐騙案件在美國與印度提出了聯合訴訟,而這也是這兩家公司的首度合作。微軟指出,技術支援詐騙是一個代價高昂且橫跨整個產業的問題,這些非法的客服中心每年都會危害數千名無辜的使用者。
其實技術支援詐騙存在已久,微軟也曾公布相關詐騙的手法,並提醒使用者不要輕易上當,強調微軟不會要求使用者提供金融資訊,系統上跳出錯誤訊息時不會含有電話號碼,也不會要求使用者以加密貨幣或禮物卡來支付技術支援費用,以及自第三方網站下載軟體時應特別小心。
Amazon, Microsoft, and India crack down on tech support scams
Call center operators use pop-ups, malware, and cold calls to get people to pay for PC ‘fixes’ they don’t really need.
Oct 20, 2023, 3:39 AM GMT+8
Amazon, Microsoft, and India’s Central Bureau of Investigation (CBI), the country’s federal enforcement agency, have announced a major crackdown on tech support fraud.
The CBI’s post details two instances where scammers pretended they were customer support agents for two “well-known multi-national companies” (Amazon and Microsoft) through pop-ups that “falsely appeared to be security alerts” from the companies.
Through their scheme, the scammers would get people to call a toll-free number to one of their call centers, take over a user’s computer remotely, convince users of the “pretense of non-existing problems,” and “make them pay hundreds of Dollars for unnecessary services” while impersonating as workers for Amazon and Microsoft.
Microsoft has a website detailing the popular versions of these scams, how to identify them, and steps on what to do if you believe you’ve been affected.
As part of the crackdown, “the CBI conducted intensive searches in five separate cases at 76 locations across multiple states,” the CBI wrote. “In the wake of Operation Chakra-II, 32 mobile phones, 48 laptops / hard disks, images of two servers, 33 SIM cards, and pen drives were confiscated and numerous bank accounts were freezed. CBI also seized a dump of 15 email accounts, illuminating the intricate web of deceit spun by the accused.”
“The illegal call centers impacted more than 2,000 Amazon and Microsoft customers primarily based in the US, but also in Australia, Canada, Germany, Spain, and the UK,” Amazon says in a blog post.
“This collaboration marks the first time Microsoft and Amazon have joined forces to combat tech support fraud,” Microsoft’s Amy Hogan-Burney writes in a blog post. “We firmly believe that partnerships like these are not only necessary but pivotal in creating a safer online ecosystem and in extending our protective reach to a larger number of individuals.”
Amazon has also poured extensive resources into combating counterfeit products on its store, announcing the Counterfeit Crimes Unit in 2020 to help lead the charge. And Microsoft fights online crime through its work with its Digital Crimes Unit.
CBI launches Operation Chakra-II: What it is and why Microsoft and Amazon are part of this
Oct 20, 2023, 15:55 IST
India’s Central Bureau of Investigation (CBI) has launched Operation Chakra-II, a crackdown on transnational organised cyber-enabled financial crimes. The CBI is partnering with Microsoft and Amazon, as well as national and international agencies, to combat and dismantle illegal call centre infrastructure. The CBI conducted searches in multiple states, confiscating mobile phones, laptops, SIM cards, and freezing bank accounts.
The Central Bureau of Investigation (CBI) has launched Operation Chakra-II to fight against transnational organised cyber-enabled financial crimes in India. For this, India’s federal agency has partnered with Microsoft and Amazon as well as with national and international agencies to combat and dismantle infrastructure of illegal call centres.
CBI said that during a nationwide crackdown, it conducted searches in five separate cases at 76 locations across multiple states, including Madhya Pradesh, Uttar Pradesh, Karnataka, Haryana, Kerala, Tamil Nadu, Punjab, Bihar, Delhi, West Bengal and Himachal Pradesh.
“In the wake of Operation Chakra-II, 32 mobile phones, 48 laptops/hard disks, images of two servers, 33 SIM cards, and pen drives were confiscated and numerous bank accounts were freezed. CBI also seized a dump of 15 email accounts, illuminating the intricate web of deceit spun by the accused,” the CBI said.
The CBI is working with the Federal Bureau of Investigation (FBI) of the USA, Cyber Crime Directorate and IFCACC of INTERPOL, the National Crime Agency (NCA) in the UK, Singapore Police Force and BKA of Germany to notify further leads.
Under Operation Chakra, launched last year, the CBI conducted raids over 100 locations against cyber criminals involved in financial crimes.
Why Microsoft and Amazon are part of Operation Chakra-II
In these scams, commonly known as tech support fraud, criminals establish and operate illegal call centres, and prey on the vulnerable and defraud thousands of victims each year. The illegal call centres raided by CBI were set up to impersonate Microsoft and Amazon customer support.
According to the companies, the cybercriminals have targeted over 2,000 customers based in the US, Canada, Germany, Australia, Spain, and the UK.
“We understand, however, that criminals will attempt to rebuild their operations and establish new illegal call centres. That is why we, in collaboration with the CBI, Amazon, and other international law enforcement agencies, are dedicated to maintaining our vigilance, sharing critical information and working closely with Indian law enforcement agencies and authorities from the victim countries to support their investigations,” Microsoft said.
Additionally, this is the first time that Microsoft and Amazon have joined forces to combat tech support fraud.
“We are pleased to join forces with Microsoft, and we believe actionable partnerships like these are critical in helping protect consumers from impersonation scams,” said Kathy Sheehan, vice president and associate general counsel, Business Conduct & Ethics.
How to safeguard
While Amazon and Microsoft will be working closely on the tech part to mitigate threats online, users should be aware of such ‘tech support’ calls.
Microsoft says that it never sends unsolicited email messages or makes unsolicited phone calls to request personal or financial information, or to provide technical support to fix computers.
“Any communication with Microsoft must be initiated by you. Always treat all unsolicited messages with scepticism and do not provide any personal information,” it said, adding that if you have been contacted by someone claiming to be from, or associated with, Microsoft, report the incident to Microsoft.
Meanwhile, Amazon said that customers can view order and communication history directly on Amazon by logging into their accounts and checking the Message Center.
Amazon never asks to make a payment or bank transfer on another website. It only asks for making payments in the mobile app, on the website, or in physical stores.
发表回复