Tech-Support Scam Targets Android Smartphone, Tablet Users

A new tech-support scam could cheat Cheap Android Phones and tablet users out of hundreds of dollars. The scam is a new spin on a social-engineering attack that has been plaguing PC users for years: the fake Microsoft or Windows support technician call.
The updated version of the scam was documented recently by Jérôme Segura, a senior security researcher with the anti-virus firm Malwarebytes.
Targeting smartphone and tablet users looking for help with their slow or virus-infected devices, scammers hook their victims in one of two ways — either with a cold call or via paid online advertising.
MORE: Do You Really Need a Third-Party Android Security App?
In the case documented by Malwarebytes, an undercover Segura dialed the number for an alleged online tech-support company, which he found with the Bing query "Android slow tech support."
Segura was immediately connected with a fake tech-support technician, who instructed Segura to plug his Cheap Android Phone into a Windows computer and download remote login software to give the technician access to his phone via the PC.
According to Segura's post on the Malwarebytes blog, if the scammer had actually been a support technician, this would have been the point at which a scan or diagnostic was performed on the connected device.
But the fake technician didn't bother with this formality. Instead, he quickly browsed the phone's internal storage and checked its properties. He then notified Segura that his phone was infected with a "very bad file": rundll32.exe.
As Segura explains, rundll32.exe is a standard Windows executable file, and since Android uses a completely different operating system from Windows, such a file could not possibly cause harm to Segura's Android device.
But that didn't stop the scammer from deleting these harmless files from Segura's PC and then performing a cheap keyboard trick (CTRL+Z) to reinstall them while warning Segura that such files "will come back automatically."