Microsoft 'tech support' scammers infest Azure hosting

By

Scam sites labelled as dangerous by Google's Chrome browser.

Microsoft's Azure cloud is housing hundreds of "tech support" scam web sites that try to deceive users that their computers are infected with malware, and ask for money to resolve the problem.

Microsoft 'tech support' scammers infest Azure hosting

Security researcher Michael Gillespie who runs the ID Ransomware website posted under the Malwarehuntr Twitter account several lists of domain names used by the scammers that are hosted on Azure.

The scammer sites use the azurewebsites.net domain name. Microsoft's Azure cloud currently offers free accounts for 12 months, with a A$280 credit for any services for 30 days.

As part of the package, scammers get a transport layer security digital certificate to authenticate the sites, for free.

Microsoft's Azure social media team responded to Gillespie, asking him to report the sites at a specific link.

In iTnews testing, many of the sites listed by Gillespie were marked as being dangerous by Google Chrome which blocked access to them with a warning interstitial.

Cancelling the warning and proceeding to load the sites showed they were no longer available, and Gillespie told iTnews that someone had sent multiple people at Microsoft emails about Azure hosting scammer sites and that it wouldn't surprise him if they were down.

However, Gillespie was able to find many other scam sites that were still up, including a batch of 82 discovered on May 15.

The problem of scammers and phishers being hosted on Azure is not new.

Web metrics site Netcraft posted about phishers taking advantage of free Azure webhosting in April 2014, targeting big brands such as Apple, Paypal, American Express, Comcast and others.

Last year, Google decided it would no longer accept ads placed by third-party tech support providers, as the online giant is unable to tell which are for real and which direct users to fraudsters.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:

Most Read Articles

Qantas facing 'significant' data theft after cyber attack

Qantas facing 'significant' data theft after cyber attack

Ex-student charged over Western Sydney University cyberattacks

Ex-student charged over Western Sydney University cyberattacks

Home Affairs officer accessed data on "friends and associates"

Home Affairs officer accessed data on "friends and associates"

SA Water plans 'once-in-a-generation' core technology uplift

SA Water plans 'once-in-a-generation' core technology uplift

Log In

  |  Forgot your password?