Researchers at Malwarebytes have uncovered a new scam whereby fake customer phone numbers are inserted directly onto the legitimate help pages of major companies like Netflix, PayPal, Apple, Microsoft, Facebook, Bank of America, and HP. Once the number is called, the scammers will pose as the brand with the aim of getting their victim to hand over personal data or card details, or even allow remote access to their computer
Details here: https://www.malwarebytes.com/blog/news/2025/06/scammers-hijack-websites-of-bank-of-america-netflix-microsoft-and-more-to-insert-fake-phone-number
Roger Grimes, data-driven defense evangelist at KnowBe4, commented:
“Fraudulent paid search engine ads taking users to fake websites have been a problem for decades. But this is definitely a new twist on the problem by being able to take users to legitimate vendor websites that then somehow display fraudulent phone numbers, which when answered, will be answered by a fake tech support message or person. It’s pretty devious. It’s especially devious because there isn’t a legitimate top 100 vendor who will easily display the legitimate vendor tech phone number for the victim to see and call instead, if the vendor even has a phone number a customer can call. If the vendor does have a phone number a customer can call it’s almost always buried under a ton of other pages or you have to find it by conducting an Internet search, which leads to the same problem. The fraudster pushes their scam number to the victim while the legitimate site hides theirs. So, it’s very easy to see how a customer can become a victim. It’s not my call and I don’t pay the bills, but it would be great if all vendors made their legitimate tech support phone numbers easier to find and/or more prominently displayed so they were easier for customers to find. It would be great if the legitimate vendors made finding their phone numbers as easy as the scammers make it.”
This is very concerning as when I do talks to churches, community groups, etc. on how to avoid scams, I counsel people to go to the websites of the companies in question to find out what their support options are and not to rely on Google to get those numbers. This pretty much invalidates that advice. And that illustrates how much scammers have truly evolved. Which is scary for someone like me.
Like this:
Like Loading...
Related
This entry was posted on June 20, 2025 at 12:58 pm and is filed under Commentary with tags Malwarebytes. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Scammers Hijack Bank of America, Netflix with Fake Support Numbers to Steal Personal Info
Researchers at Malwarebytes have uncovered a new scam whereby fake customer phone numbers are inserted directly onto the legitimate help pages of major companies like Netflix, PayPal, Apple, Microsoft, Facebook, Bank of America, and HP. Once the number is called, the scammers will pose as the brand with the aim of getting their victim to hand over personal data or card details, or even allow remote access to their computer
Details here: https://www.malwarebytes.com/blog/news/2025/06/scammers-hijack-websites-of-bank-of-america-netflix-microsoft-and-more-to-insert-fake-phone-number
Roger Grimes, data-driven defense evangelist at KnowBe4, commented:
“Fraudulent paid search engine ads taking users to fake websites have been a problem for decades. But this is definitely a new twist on the problem by being able to take users to legitimate vendor websites that then somehow display fraudulent phone numbers, which when answered, will be answered by a fake tech support message or person. It’s pretty devious. It’s especially devious because there isn’t a legitimate top 100 vendor who will easily display the legitimate vendor tech phone number for the victim to see and call instead, if the vendor even has a phone number a customer can call. If the vendor does have a phone number a customer can call it’s almost always buried under a ton of other pages or you have to find it by conducting an Internet search, which leads to the same problem. The fraudster pushes their scam number to the victim while the legitimate site hides theirs. So, it’s very easy to see how a customer can become a victim. It’s not my call and I don’t pay the bills, but it would be great if all vendors made their legitimate tech support phone numbers easier to find and/or more prominently displayed so they were easier for customers to find. It would be great if the legitimate vendors made finding their phone numbers as easy as the scammers make it.”
This is very concerning as when I do talks to churches, community groups, etc. on how to avoid scams, I counsel people to go to the websites of the companies in question to find out what their support options are and not to rely on Google to get those numbers. This pretty much invalidates that advice. And that illustrates how much scammers have truly evolved. Which is scary for someone like me.
Share this:
Like this:
Related
This entry was posted on June 20, 2025 at 12:58 pm and is filed under Commentary with tags Malwarebytes. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.