[WARNING] Yahoo! Mail Infected with Fake Tech support scam

phaZed · Dec 12, 2017

I'm pretty sure this was brought up a few days ago but can't seem to find it again.

I have had my second customer today with the B.S. 1-800 Tech Support scam. Over the phone, I was sure my customers were clicking on an email or a link in an email while on their Yahoo! Email accounts. I was wrong.

The customer must only go to the Website itself and log in. As soon as they do this they are greeted with a classic Fake Tech support, full page layover (hard to get rid of without killing the browser process).

That's the extent of the issue, I didn't see any dropper or *real* virus/malware stuff, but dang!

IMO, some accounts are being marked to be scammed by Yahoo. Both of these customers were over 60. Secondly, logging into these accounts with my computer also produces the fake tech popup, while logging into a tertiary Yahoo account does not.

I think we're seeing the final throws of Yahoo, as a company.

Krynn72 · Dec 12, 2017

phaZed said:
Secondly, logging into these accounts with my computer also produces the fake tech popup, while logging into a tertiary Yahoo account does not.

Was going to say "Browser hijack" until this part.

Just, wow. Yahoo was always friend to scammers and malware but at least it was simply due to incompetence before. They were at least still trying.

phaZed · Dec 12, 2017

Krynn72 said:
Was going to say "Browser hijack" until this part.

That's what I thought it was going to be before they got here... but both computers came up clean as whistles. When I saw it happen on my computer in an incognito window, on their account, I about dropped my jaw.

mraikes · Dec 12, 2017

Even blocking ads and pop-ups, it still appears on their account?

phaZed · Dec 12, 2017

mraikes said:
Even blocking ads and pop-ups, it still appears on their account?

Running ABP on my computer and it still appeared.

nlinecomputers · Dec 12, 2017

But the source is very likely the ad on the webpage. It's just one that has been hacked enough to bypass, for now, the common Adblocks. It's not Yahoo per se but same difference if they don't do a better job at checking the ad networks they use.

carmen617 · Jan 18, 2018

I have one of these right now. Every time he goes to Yahoo he gets the fake tech support popup. I've scanned his system, clean as a whistle. My recommendation for the short term is to use the Windows 10 Mail program to get his Yahoo mail, but I'd like to solve the issue. Anybody have any suggestions?

phaZed · Jan 18, 2018

carmen617 said:
I have one of these right now. Every time he goes to Yahoo he gets the fake tech support popup. I've scanned his system, clean as a whistle. My recommendation for the short term is to use the Windows 10 Mail program to get his Yahoo mail, but I'd like to solve the issue. Anybody have any suggestions?

With the 100% hack of Yahoo and their accounts I wouldn't trust them with a broom. I moved my "Yahoo" customer to Gmail and nothing but crickets from them. Ever since Yahoo became 'subsidiaries' of "Oath" it's been a further degradation of their integrity (of what little they had), IMO.

jeb · Mar 22, 2018

I had a customer that had this issue in their AOL Browser ran Malwarebytes on computer found several root kits uninstalled AOL Broswer, Deleted all browser Cookies, rebooted system, installed crome browser and re-logged into Yahoo, but also recommended switching to Gmail.

Diggs · Mar 22, 2018

I was just at a customer yesterday and Yahoo popups insisted on Yahoo being white listed. Customer had no idea what white-listing was but wanted the message gone. I white-listed Yahoo on their pop-up blocker and now I'm wondering if I should have.....

thecomputerguy · Mar 29, 2018

phaZed said:
I'm pretty sure this was brought up a few days ago but can't seem to find it again.

I have had my second customer today with the B.S. 1-800 Tech Support scam. Over the phone, I was sure my customers were clicking on an email or a link in an email while on their Yahoo! Email accounts. I was wrong.

The customer must only go to the Website itself and log in. As soon as they do this they are greeted with a classic Fake Tech support, full page layover (hard to get rid of without killing the browser process).

That's the extent of the issue, I didn't see any dropper or *real* virus/malware stuff, but dang!

IMO, some accounts are being marked to be scammed by Yahoo. Both of these customers were over 60. Secondly, logging into these accounts with my computer also produces the fake tech popup, while logging into a tertiary Yahoo account does not.

I think we're seeing the final throws of Yahoo, as a company.

Same crap happened to me awhile ago ... Freshly reformatted right out of the box on the Yahoo homepage...

https://www.technibble.com/forums/t...he-tech-got-a-1-800-pop-up.77225/#post-622365

Porthos · Mar 29, 2018

thecomputerguy said:
Same crap happened to me awhile ago ... Freshly reformatted right out of the box on the Yahoo homepage...

https://www.technibble.com/forums/t...he-tech-got-a-1-800-pop-up.77225/#post-622365

$$$

The scammers pay the ad company's- ad company's pay yahoo -Yahoo makes money and does not care.

Enjoy the extra business.

GTP · Mar 30, 2018

The Russian/Brazilian/Ukranian/ organised crime gangs pay scammers (mostly from India, 'cause labour is cheap) to make infected ads which they sell to Yahoo...."Yahoo makes money and does not care."

[WARNING] Yahoo! Mail Infected with Fake Tech support scam

phaZed

Well-Known Member

Krynn72

Well-Known Member

phaZed

Well-Known Member

mraikes

Well-Known Member

phaZed

Well-Known Member

nlinecomputers

Well-Known Member

carmen617

Well-Known Member

phaZed

Well-Known Member

jeb

New Member

Diggs

Well-Known Member

thecomputerguy

Well-Known Member

Porthos

Well-Known Member

GTP

Well-Known Member

Similar threads