CP
cyberpings
Malware & RansomwareHIGH

Fake Tech Support Spam Unleashes Havoc on Organizations

THThe Hacker NewsMar 3, 2026
Havocmalwarescamscybersecurityphishing
🎯

Basically, scammers pretended to be tech support to steal data using malware.

Quick Summary

Scammers are posing as tech support to deploy malware across organizations. This affects anyone who might receive a suspicious call or email. Ignoring these scams can lead to serious data breaches. Stay vigilant and verify unexpected communications.

What Happened

Imagine getting a call from someone claiming to be your tech support, only to find out they are scammers. Recently, threat hunters discovered a new campaign where bad actors impersonated IT support to deliver the Havoc command-and-control (C2)? framework. This malicious tool is often used as a precursor to serious threats like data theft or ransomware? attacks.

Last month, Huntress identified these intrusions across five partner organizations. The attackers initiated their scheme by sending out spam emails designed to lure victims. Once the unsuspecting targets engaged, the scammers followed up with a phone call, further convincing them to install the malicious software. This tactic not only exploits trust but also highlights the evolving nature of cyber threats.

Why Should You Care

You might think tech support scams only happen to others, but they can happen to you too. If you receive an unexpected call from someone claiming to be from your IT department, it could be a scammer trying to gain access to your sensitive information. Just like leaving your front door unlocked, ignoring these threats can lead to severe consequences.

In today’s digital world, your personal and financial information is constantly at risk. Imagine if a thief had the keys to your home; they could take anything they wanted. Similarly, if scammers gain access to your devices, they can steal your data or even lock you out of your own files. Protecting yourself starts with being aware of these scams.

What's Being Done

Organizations are now on high alert, and cybersecurity teams are responding swiftly to these threats. Here are some immediate actions you should consider:

  • Verify any unexpected calls by contacting your IT department directly.
  • Educate your team about recognizing phishing emails and scams.
  • Implement robust security measures, including multi-factor authentication. Experts are closely monitoring this situation, as they expect more sophisticated tactics to emerge from these threat actors in the coming weeks.

💡 Tap dotted terms for explanations

🔒 Pro insight: The use of social engineering tactics in this campaign underscores the need for continuous employee training on cybersecurity awareness.

Original article from

The Hacker News

Read Full Article

Share

Related Pings

HIGHMalware & Ransomware

ClickFix Attackers Evolve Tactics to Bypass Security Measures

Microsoft warns about a new ClickFix phishing tactic. Attackers are tricking users into executing harmful commands via Windows Terminal. This method can compromise your data and security. Stay alert and educate yourself on these evolving threats!

CSO Online·Yesterday, 9:15 PM
HIGHMalware & Ransomware

Fake Google Meet Update Gives Attackers Control of Your PC

A fake Google Meet update is tricking users into giving hackers control of their PCs. This poses a serious risk to personal and sensitive data. Stay vigilant and avoid suspicious update prompts to protect yourself.

Malwarebytes Labs·Yesterday, 7:35 PM
HIGHMalware & Ransomware

Spyware Masquerades as Emergency App Targeting Israeli Smartphones

Israeli smartphones were targeted by spyware disguised as an emergency app. This deceptive tactic puts personal data at risk. Stay vigilant and verify app legitimacy to protect your privacy.

The Register Security·Yesterday, 6:56 PM
HIGHMalware & Ransomware

Metasploit Update: New Exploits and Enhanced Control Features

Metasploit has launched a new update with powerful exploits and features. Users of Tactical RMM and MajorDoMo are particularly at risk. Stay ahead of potential attacks by updating your systems and reviewing security measures.

Rapid7 Blog·Yesterday, 6:28 PM
HIGHMalware & Ransomware

New ClickFix Attack Uses Windows Terminal for Malicious Payloads

A new wave of ClickFix attacks targets Windows Terminal to deliver malicious payloads. Users are at risk of unauthorized access and data theft. Stay cautious and keep your software updated to protect yourself.

Cyber Security News·Yesterday, 6:05 PM
HIGHMalware & Ransomware

AI-Powered Malware: Transparent Tribe Targets India

A hacking group is using AI to create malware targeting India. This mass production of implants could compromise personal data and financial security. Experts recommend updating software and using strong passwords to protect against these threats.

The Hacker News·Yesterday, 3:11 PM