Fake Virus Warning Leads To Fake Tech Support Scam

In just the last week I have been contacted by two separate close friends in a panic that their computers have contracted a horrible virus which showed both text and audio alerts that their computer is infected and were directed by a recorded voice and on-screen text to call a technical support phone number for immediate assistance. The screen looked similar to the image below. Click the image to zoom in:

The warning locked their browsers and would not allow the users to leave the page. In both cases my friends both committed the big mistake of actually calling the number and were greeted by people with heavy Indian accents calling themselves Microsoft technicians who were there to help. Thankfully one of them hung up on the criminals before they were able to remotely connect to her computer and after saying they needed payment immediately for "virus removal services". I was able to guide her though steps to regain control of her computer. The other friend fell for it completely and not only gave them access to her computer but also gave them her business bank account routing and account number. The criminals installed a real virus on her computer and also did something called syskey in Windows, which acted to further lock down the computer at any time they choose with the intent to get the victim to repeatedly come back to them to "remove more new viruses". For the latter case, I instructed her to completely power off her computer and bring it to me. Her personal files were extracted from her hard drive with the assistance of a local security expert at "Phoenix Computers" by opening the drive in a separate Linux OS and copying them to a USB drive and then scanned them for viruses. Her computer needed to be nuked with DBAN and then reformatted with a fresh install of Windows 10 to get every trace of the criminals off of it. She also needed to change ALL passwords to ALL her sensitive accounts and websites, including email and also had to close all of her bank accounts and open new bank accounts. The criminals did in fact attempt to withdraw money the following day (after she had already called them back and told them off) but the transactions were blocked due to her warnings to her bank.

This method of scam is on the rise and was even cited by the U.S. FBI in a recent public service announcement:

fbi psa 2014

 

There are also several YouTube channels dedicated to the art of "Scam Baiting" in which they set up a virtual machine and remove or replace all the Windows system tools commonly used by the scammers to scare and control victims and then proceed to confront them about why they feel the need to steal from people. In almost every case the scam baiter is met by insults and foul language from the criminals. One of the better channels on which to watch examples of this is here: https://www.youtube.com/channel/UCOkhTr4FqEAWRz2UecVsh4g but be advised that there is really horrible language when the scammers realize that it's all a setup and that they are being filmed for very public release on YouTube. I recommend donating and liking / subscribing / commenting on such channels and videos to help spread public awareness of this issue, as their actions are about as predatory and malicious as it gets in the cyber sense.

WHAT TO DO IF YOU ARE CONFRONTED BY ONE OF THESE WARNING SCREENS:

  1. Don't panic.
  2. Don't click on ANYTHING!
  3. Don't call the fake technical support or any other phone number.
  4. If you're on Windows, press CTRL + Alt + Del on your keyboard, and then click the "Task Manager" option. In the new window look for your browser, IE: Chrome, Firefox, Safari and click to highlight it. Then click "End Task". Don't reopen your internet browser yet.
  5. Follow the little guide linked HERE to completely clear your browser's cache, history and cookies. Don't reopen your internet browser yet.
  6. Run a complete Anti Virus scan on your computer before you use it any further. The best in my opinion is to run scans with all of the following:

Kaspersky Internet Security

MalwareBytes Anti Malware FREE!

MalwareBytes AdwCleaner FREE!

The best free alternative to Kaspersky Internet Security is currently Avast

While Accredited Design does not currently offer any computer operating system security or cleaning services, there are likely to be many in your area who do.

jewelry

Get A Quote

Quick and easy! Simply tell us a little about your project and we'll get you a second to none, custom made and affordable quote in no time.

flipbox view our portfolio

View Our Portfolio

We've provided powerful and affordable solutions to a vast number of business. Have a look at our portfolio! 

About Us

Accredited Design LLC has been providing businesses with web design, hosting and domain solutions for nearly a decade. We specialize in building complex web systems for our business customers.

Read More

Accredited Design LLC