Increase in IT Support Scams Reported by ESET

According to a recent report from ESET, IT support scams are on the increase with users in France, Canada, the U.S. and UK currently most at risk.

ESET has discovered an increase in HTML/FakeAlert malware signaling a new global campaign has been launched. HTML/FakeAlert is a generic name given to webpages which display fake alert messages warning that systems are infected with malware or viruses. The sites also warn of technical problems that have been detected on users’ computers.

Visiting an infected website or malicious site that uses HTML/FakeAlert malware will result in a warning message being displayed. IT support scams typically start with users being advised to download software which it is claimed will scan their device for malware or technical issues. The scans reveal numerous problems exist. Users are then advised to purchase software to clear the non-existent infections or call a support line to receive assistance. Those support calls will either require a payment to be made to clean infections or will involve placing long calls to premium rate numbers. In many cases, the scanning software downloaded onto computers is simply bloatware, although it can come packaged with malware.

HTML/FakeAlert malware was first discovered in 2009, although only marginal activity has been detected in the past few years. However, detections of HTML/FakeAlert malware started to increase in Q2, 2016 and have continued to do so, reaching an all-time high in September when the global infection ration reached 2.05%.

France and Canada have recorded the highest number of infections, with each country registering almost a quarter of global infections. The United States was in third place with 15.43%, the UK in fourth place with 10.40%, and Spain in fifth place with 8.98% of attacks.

According to ESET IT Security Specialist EMEA, Ondrej Kubovic, “IT support scams have long been a very popular way to dupe English-speaking users who make up a large and thus economically viable target, in this case we also see the targeting of other large language groups.”

ESET recommends patches are applied promptly and computers are kept fully up to date. Anti-virus and anti-malware solutions should be installed and virus definitions updated automatically. If a support email is received or a security alert is displayed when visiting a website, it should be treated with suspicion. If a specific alert is given, check that the latest version of that software is installed and contact the vendor if in any doubt. Never use the contact details supplied via email or via a pop-up. Always find the correct contact information from the official vendor’s website or another trusted source.

Author: Richard Anderson

Richard Anderson is the Editor-in-Chief of