Most of our readers will be familiar with the Windows tech support scam, and some of our readers may even have been at the receiving end of a phone call claiming to be from Microsoft telling us our computers are infected with a virus and offering to help us fix it.
Microsoft’s Digital Crimes Unit, which tracks and prevents cybercrime, receives at least 10,000 complaints a month from around the world about pop-up ads and telemarketers claiming to be legitimate tech support representatives. In general, the scam is more likely to start with a pop-up ad than a phone call, but there are regional exceptions. In Germany, for example, 85 percent of complaints were about tech scams that originated with a phone call.
“These people are very clever,” said Chris White, a principal researcher at Microsoft’s Redmond, Washington, research lab who collaborated with the company’s Digital Crimes Unit to help track down the scammers.
“We had a bunch of customers who were reporting scams but didn’t know who scammed them,” said Courtney Gregoire, assistant general counsel for the Digital Crimes Unit.
To catch the scammers, Microsoft investigators first had to figure out where the attacks were coming from – no easy task, since they often only used an IP address, or virtual home, for a day or less before moving on to another location to avoid being caught.
To find them, the team created a model that looked for content that behaved in a way that was consistent with the scam, such as creating a pop-up that refreshed in microseconds to give the appearance it wasn’t going away. Then, the team scoured the web for those sites and captured screen shots of all the content that could potentially be a scam.
The team then used custom machine learning AI tools, running on Microsoft’s Azure cloud computing platform, to look for image similarity, content and other visual clues that would determine the chances that the pop-up was relevant to the fraud investigation.
Then, they used the computer vision API from Microsoft Cognitive Services to scan the ads for phone numbers and other bits of information that could provide clues as to their origin.
“What we’re able to do is address the problem at the scale it’s happening, and provide the mechanisms for us to do something about it,” White said.
The information is then presented using the Power BI data visualisation tool to create interactive, easy-to-understand charts and data visualisations. The data analysis helped law enforcement understand patterns such as how old the users were, what geographic areas the scammers were targeting and which approach they were taking in those areas.
The Federal Trade Commission announced a major crackdown on these scammers recently and is relying in part on the work of Microsoft researchers to help unravel the complex web of technical tricks the scammers were using to swindle users and avoid law enforcement.
Gregoire said the company has a strong commitment to continuing to fight these scams.
“We have a business interest in doing this, and we have a global good interest in doing this,” Gregoire said.
“This is a story of a practical application of bona fide machine learning to address an important problem,” he said.