As everyone expected, scammers are attempting to cash in on the mass hysteria currently surrounding the WannaCry ransomware outbreak, a mass-infection took place over the weekend of May 12 and 14, and whose effects we still feel today.
While the WannaCry attacks have been stopped thanks to a British researcher named MalwareTech, the ransomware's virulent attacks have made everyone take notice.
Following the original outbreak, people and organizations have been busy patching fearing they might be the next WannaCry victim if ever the ransomware's authors would come back with a version that didn't feature a "kill switch" domain.
Incorrect news articles and companies selling shady backup products and security scanners have contributed to this never-ending mass hysteria, keeping the threat of an impending WannaCry attack in the minds of non-technical users.
With so many people aware of what WannaCry is and what are its consequences, it comes to no surprise that scammers are now using a (predictable) WannaCry lure for their operations.
Let's take the site below, which is one of the many tech support sites we can find online today, themed around the WannaCry lure.
Many of our tech-savvy users would believe that it's almost impossible to fall for such a silly message. The reality, sadly, is very different, as there are still many impressionable and gullible people that believe everything they read online.
There's a reason why these sites are still around, and that's because they're still effective at making money for their owners.
In an alert issued yesterday, the UK's National Crime Agency (NCA) warned users against these types of scams, confirming that at least one UK victim fell for one such scam.
One victim fell for the scam after calling a ‘help’ number advertised on a pop up window. The window which wouldn’t close said the victim had been affected by WannaCry Ransomware.
The victim granted the fraudsters remote access to their PC after being convinced there wasn’t sufficient anti-virus protection. The fraudsters then installed Windows Malicious Software Removal Tool, which is actually free and took £320 as payment.
It is important to remember that Microsoft’s error and warning messages on your PC will never include a phone number.
Additionally Microsoft will never proactively reach out to you to provide unsolicited PC or technical support. Any communication they have with you must be initiated by you.
Sadly, this wasn't the only alert the NCAA issued regarding WannaCry-related scams. Last week, the agency also warned against a campaign of fake BT emails that were peddling security upgrades, with the aim of phishing payment card data from BT clients who were fearing a WannaCry infection.
In addition, Virgin Media users have been complaining about receiving similar emails as well.
But the WannaCry hysteria hasn't stopped here. Android users are as much as a target as regular Windows users, even if the WannaCry ransomware is a Windows-only threat.
A quick search of the Google Play Store reveals tens of apps playing on the WannaCry theme.
All of these are benign, such as apps for playing pranks on friends by showing a fake WannaCry ransom screen on your phone. Other apps are useless, like the so-called "guide apps," which only show some boring text with information on WannaCry's mode of operation.
All these apps also show ads, which is most likely their primary role, at least from the developer's viewpoint.
Nonetheless, there's a class of apps which are straightforward scams. These apps are mimicking antivirus scanners that claim they can detect, remove, and protect against WannaCry infections. This is a blatant and obvious lie, as WannaCry doesn't infect Android devices.
These apps are also vessels for showing ads, and some of them are useless, as they don't do anything except show some animations, print fake scan results, and show giant banner ads whenever they can.
In one weird case, Fernando Ruiz, security researcher for McAfee, said today he encountered one of these WannaCry scanners that was so bad at its job that it detected itself as a "medium risk" threat.
While these Android apps don't attempt to scam users out of their money, only showing ads so their developer can profit, it's a good idea to remain vigilant to any WannaCry alerts coming from web pages, mobile apps, or emails.
While antivirus products aren't perfect, and some of them took a while to add support for detecting WannaCry infections, they're still way better at detecting WannaCry infections than a shady website with never-ending popups.