Gotcha: Symantec fires reseller nabbed in tech support scam
Malwarebytes sting operation catches out Silurian Tech Support
An authorised Symantec reseller has been caught hoodwinking users into buying security software by employing underhand marketing tactics.
Silurian Tech Support was spotted flinging fake Norton-themed security warnings in an attempt to drum up business by Symantec rival Malwarebytes. The alerts were used to direct users towards a tech support service that researchers discovered offered to fix non-existent problems for a flat fee of $199 or more.
All the well-worn themes of the far-too-prevalent tech support scam were present, including a request to allow a technician to take remote control of a computer and the use of Windows EventViewer to trick people into thinking their PC was hopelessly compromised.
These and other scams were used in the “diagnostic phase” before the technician tried to pressure sell support services to Jérôme Segura, a Malwarebytes researcher posing as a hapless potential mark. It was only at the point payment was requested that the researchers discovered Silurian Tech Support was running the ruse.
Silurian Tech Support, which promotes itself through US dial-in numbers but which appears to be based in and around Chandigarh, northern India, is a member of the Symantec Partner Program.
Malwarebytes reported its findings to Symantec which acted promptly to sever its association with Silurian, as a statement from Symantec to The Register confirmed:
"While we can’t say conclusively who was behind this particular scam, we can confirm that this particular site has been taken down and that we are also in the process of terminating our partner agreement with Silurian. After identifying any abuse of the Norton or Symantec brand, we pursue our rights and defend our intellectual property, and where necessary will work with law enforcement."
Silurian’s website went down shortly after Malwarebytes reported the case to Symantec. El Reg Silurian for comment on Malwarebytes accusations on via its Twitter account on Friday morning. We’ll update this story as and when we hear back from the firm. ®
Sponsored: 2016 Cyberthreat defense report