In just the last week I have been contacted by two separate close friends in a panic that their computers had contracted a horrible virus. It showed both text and audio alerts that their computer was infected, and they were directed by a recorded voice and on-screen text to call a technical support phone number for immediate assistance. The screen looked similar to the image below.
The warning locked their browsers and would not allow the users to leave the page. In both cases my friends committed the big mistake of actually calling the number and were greeted by people with heavy Indian accents calling themselves Microsoft technicians who were there to help. Thankfully one of them hung up on the criminals before they were able to remotely connect to her computer and after they said they needed payment immediately for "virus removal services". I was able to guide her through steps to regain control of her computer.
The other friend fell for it completely and not only gave them access to her computer but also gave them her business bank account routing and account number. The criminals installed a real virus on her computer and also did something called syskey in Windows, which acted to further lock down the computer at any time they choose, with the intent to get the victim to repeatedly come back to them to "remove more new viruses".
For the latter case, I instructed her to completely power off her computer and bring it to me. Her personal files were extracted from her hard drive with the assistance of a local security expert at Phoenix Computers at 608pc.com by opening the drive in a separate Linux OS, copying them to a USB drive and then scanning them for viruses. Her computer needed to be nuked with DBAN and then reformatted with a fresh install of Windows 10 to get every trace of the criminals off of it. She also needed to change ALL passwords to ALL her sensitive accounts and websites, including email, and also had to close all of her bank accounts and open new bank accounts. The criminals did in fact attempt to withdraw money the following day (after she had already called them back and told them off) but the transactions were blocked due to her warnings to her bank.
This method of scam is on the rise and was even cited by the U.S. FBI in a recent public service announcement:
There are also several YouTube channels dedicated to the art of "Scam Baiting" in which they set up a virtual machine and remove or replace all the Windows system tools commonly used by the scammers to scare and control victims and then proceed to confront them about why they feel the need to steal from people. In almost every case the scam baiter is met by insults and foul language from the criminals. One of the better channels on which to watch examples of this is here: https://www.youtube.com/channel/UCOkhTr4FqEAWRz2UecVsh4g but be advised that there is really horrible language when the scammers realize that it's all a setup and being filmed for very public release on YouTube. I recommend donating and liking / subscribing / commenting on such channels and videos to help spread public awareness of this issue, as their actions are about as predatory and malicious as it gets in the cyber sense.
WHAT TO DO IF YOU ARE CONFRONTED BY ONE OF THESE WARNING SCREENS:
- Don't panic.
- Don't click on ANYTHING!
- Don't call the fake technical support or any other phone number.
- If you're on Windows, press Ctrl + Alt + Del on your keyboard, and then click the "Task Manager" option. In the new window look for your browser (e.g. Chrome, Firefox, Safari) and click to highlight it. Then click "End Task". Don't reopen your internet browser yet.
- Follow the little guide linked HERE to completely clear your browser's cache, history and cookies. Don't reopen your internet browser yet.
- Run a complete antivirus scan on your computer before you use it any further. The best in my opinion is to run scans with all of the following:
MalwareBytes AdwCleaner FREE!
The best free alternative to Kaspersky Internet Security is currently Avast
While Accredited Design does not currently offer any computer operating system security or cleaning services, there are likely to be many in your area who do. If you happen to be in Southwest Wisconsin one of the best is Phoenix Computers at 608pc.com as mentioned earlier in the article. If not, it could be worth a call to them anyway if you're willing to ship your computer to them to be cleaned but this may also incur shipping costs.