Anyone who has ever used a printer likely has had a frustrating experience at some point. There always seems to be some kind of issue with the software not responding, paper getting jammed or one of many other possible failures.
Introduction to Malware Binary Triage (IMBT) Course
Looking to level up your skills? Get 10% off using coupon code: MWNEWS10 for any flavor of the Malware Binary Triage (IMBT) course starting this Black Friday and Cyber Monday!
Enroll Now and Save 10%: Coupon Code MWNEWS10
Note: This is an affiliate link – your enrollment helps support this platform at no extra cost to you.
When people need help, they often turn to Google (and now AI) to look for an answer. This is where scammers come in, preying on unsuspecting and irate users ready to throw their printer out the window.
After clicking on a malicious Google ad, victims are redirected to a fraudulent site often using official brand names and logos. The crooks’ end goal is to get people to call them, and they achieve that by tricking them with fake printer drivers that always fail to install.
In this blog post, we review how this scam works and how to stay away from it.
Malicious Search Ads
Two of the most popular printer brands are HP and Canon. If you were to Google for help related to either of those brands right now, you would likely see sponsored results at the top of the search results page.
Unfortunately, in the majority of cases these ads are not from trusted providers but instead from tech support scammers. In the image below, you can see 4 ads shown for the query ‘hp printer help‘. It’s only after those that the official HP website appears.
If you were to say that consumers stand no chance, you’d be right. Unless you clicked on the official (organic search results), you’d end up getting scammed.
The list of sites includes:
megadrive[.]solutions
geeksprosoftwareprints[.]org
select-easy123print[.]com
printcaretech[.]com
The driver scam
A driver is a software program that your computer uses to talk to physical hardware (i.e. your printer). In the early Microsoft Windows days, drivers were very important to get printers, monitors and other peripherals working. Today, the operating system is usually good at detecting new hardware and installing the required drivers automatically. There are some exceptions, not to mention that some manufacturers like to package additional software with their drivers.
After clicking on a malicious ad, the website instructs you to enter your printer’s model number in order to download the required driver, which is proceeds to install. This is entirely fake, and the only thing the website displays is a recorded animation that will always end with the same error message.
This type of error is very similar to the Microsoft tech support scam, typically done via a browser hijack. Scammers want to scare and then get victims to contact them directly, via phone or live chat.
Remote access and extortion
There are many people that fall for these types of scams and entire armies of tech support agents working in poor conditions ready to defraud them. The script is usually standard across scams, with the support agent impersonating a popular brand and requesting personal information from the victim.
It is quite common for scammers to request and be granted remote access to the user’s computer. This gives them leverage to do a number of victims, such as stealing data, locking the machine or even using it to log into the victim’s bank account.
This is why it is so important to be extremely cautious with online search ads, and search results in general. Browser extensions such as Malwarebytes Browser Guard will block ads but also the scam or malware sites associated with these schemes.
This won’t help with your printer issues, but at least it’ll save you the trouble of being defrauded. When it comes to software questions, online forums are usually a good place to start, and if you’re lucky to count a computer person in your family, that’s always a good favor to ask for.
Article Link: Printer problems? Beware the bogus help | Malwarebytes