Tech Support Scam Exploiting WannaCry Outbreak

A new tech support scam is using the recent WannaCry ransomware outbreak to trick users. One site uses the domain ‘securityagainstwannacry[.]com’ to appear legitimate.

Threat ID:: CC-1442
Category:
Threat Severity:: Medium
Threat Vector:: Phishing
Published:: 1 June 2017 12:00 AM

Report a cyber attack: call 0300 303 5222 or email [email protected]

This content has been archived

This article no longer conforms to NHS Digital's standards for cyber alerts, and may contain outdated or inaccurate information. Use of this information contained in this page is at your own risk

Summary

A new tech support scam is using the recent WannaCry ransomware outbreak to trick users. One site uses the domain ‘securityagainstwannacry[.]com’ to appear legitimate.

Threat details

Once a user visits the site the popup will appear warning them their computer is infected with WannaCry and will include a message and a technical support telephone number designed to scare the user into revealing personal information.

As users may be worried about the WannaCry ransomware, it is feared many will fall victim to these tech support scams. The National Crime Agency (NCA) has issued warnings about tech support scams, warning there will be various scams of criminals impersonating telecom providers or Microsoft technicians on the back of the WannaCry outbreak.

Tech support scams tend to target home users and therefore the risk to organisations is minimal. It’s important that users are aware that Microsoft will not use popups to warn of malware or directly contact users asking for personal information.

Remediation steps

Type	Step
	Employees are appropriately educated to identify social engineering techniques and suspicious looking websites. Software is kept up to date. Security patches are updated regularly. All malware signatures are kept up to date.

Last edited: 17 February 2020 11:40 am