A new technical support scam (TSS) campaign surfaced using iframe in combination with basic pop-up authentication to freeze a user’s browser. This new technique also serves as a tool for evading detection for the threat actors. Just like other TSS campaigns disguising themselves as legitimate or well-known brand’s service providers, this campaign in particular uses Microsoft to lure victims and to establish a fake legitimacy. Following is a preview of the pop-up authentication on a spoofed Microsoft webpage.
Indicators of Compromise