Fake Tech Support Scams Deliver Advanced Command-and-Control Malware

Fake tech support scams are not new. Historically, the goal was simple: convince someone to hand over a few hundred dollars in gift cards or give attackers remote access to a computer.

However, new research from Huntress highlights how familiar social-engineering tricks are evolving into something far more insidious. Instead of small-scale fraud, malefactors are using fake support calls to deploy sophisticated command-and-control malware inside business networks.  

In a campaign observed in February 2026, bad actors first flooded organizations with spam emails. Then they followed up with phone calls posing as IT support staff, offering to “fix” the problem.

Victims were persuaded to approve remote-access sessions using tools like QuickAssist or install remote management software such as AnyDesk. Once inside the system, the attackers guided users through a fake “Outlook Antispam Control Panel,” which downloaded what looked like a legitimate patch.

That patch was far from innocuous. It installed a ...