Over the last few weeks, we’ve noticed a JavaScript injection in a number of WordPress databases, and we recently wrote about them in a Sucuri Labs Note.

The campaign attempts to redirect visitors to a bogus Windows support page claiming that their computers are infected with ‘riskware’ and will be disabled unless they call what is an obviously bogus support hotline.

Google and several other web security vendors are currently blacklisting the domain; fortunately, most visitors will receive a warning page like this during the redirection process:

Tech Support Phone Scam

It’s worth noting that the phone number displayed on the page is auto-generated based on the URL that is supplied.

Continue reading Reverse Javascript Injection Redirects to Support Scam on WordPress at Sucuri Blog.

Via Sucuri.net