A paper for the Cybercrime Forensics Education and Training Conference looking at forensic issues that arose during our research into Tech Support Scams.

FTC action isn’t diminishing the volume of reported support scam calls and losses: what’s driving the people behind the scam, and what does the future hold?

The slides for many of the presentations by ESET researchers at VB 2012 can now be found on the Virus Bulletin conference web pages.

Alexandr Matrosov summarizes the evolution of complex threats using hidden storage, as discussed in his presentation with Eugene Rodionov at Virus Bulletin 2012.

Another year, another fine Virus Bulletin conference come and gone. And some of us even got long-service badges. (My first VB was in 1996, and my first VB presentation in 1997, but there are people like our own Righard Zwienenberg whose attendance record goes back way further.) (Yes, it did rain the last day or

Ammyy is eager to disassociate its service from Indian tech support scammers misusing it, and has some good advice for victims and potential victims.

Detailed analysis of Rovnix.D reveal updates to the code injection technique employed, allowing multiple injections with a variety of payloads.

Giving a support scammer access to your PC can give you more problems than any imaginary virus, especially if you refuse to pay for his ‘service’.

More cold-call/support scam information.

It’s important to know the worst password choices, but also the worst choices for numeric passcodes.