If you get a screen like this while doing something like trying to log in to Facebook or something else, usually as a result of clicking on a link after a web search, you are being scammed.
Typically your browser locks up – you can’t go back, you can’t navigate to anything else, and you even can’t close the window. Instructions tell you to call Microsoft support because your system is infected with spyware and viruses.
If you call the number (877-382-9050), a friendly person (in India, Pakistan, or somewhere else) will answer. THESE ARE NOT MICROSOFT SUPPORT CONSULTANTS. THEY ARE SCAMMERS AND CRIMINALS. They will ask you some questions about your system, and have you do the following things:
- Press the windows+R keys to open the “Run” box
- Type in ” iexplore http://www.go2patch.com ” and hit enter
- Type in the access code that they give you
- Press the “Connect” button and then allow the program to run
If you do this, you have just given full access of your system to criminals who will steal valuable information, download real spyware or malware, or turn your computer into part of a botnet to send out spam.
This is just another incarnation of the “Zeus Virus” scam – same technique, different remote connection software.
If this happens to you, hit Ctrl-Alt-Del and open the Task Manager. End the browser task from there, whatever you’re running (IE, Edge, Chrome, Firefox, NCSA Mosaic, etc.)
What do you do if you have already allowed access? According to “Slim,” a registered user at 800Notes.com,
Since the scammers accessed the computer, they probably did one or more of the following:
• Disabled the anti-virus software
• Added nasty malware to the computer
• Copied the Contact List (so they can spam/email your soon-to-be ex-friends)
• Copied any financial data or passwords they could find
• Compromised your ID on Facebook or other social site(s), and perhaps on shopping sites.
• “Zombied” the computer, so it would respond to THEIR commands sent via internet
• Deleted some important files
• Asked for money to repair the damage they caused
What can you do immediately after such an attack?
1. Pull the cables on the computer, or otherwise disable it, so it cannot access the internet.
2. Change ALL passwords stored on the computer.
3. Run FULL malware scans on the computer, in “SAFE” mode!
4. Change the passwords again, particularly if the malware scans showed anything.
5. Inform your bank and credit card companies.
6. Sign up for credit monitoring, and check the status frequently
7. Backup non-executable personal, data files to an external storage device. (Executable files might be infected).
8. You may have to bring the computer to a local repair shop, and tell them the story.
9. Tell friends what happened, so they can be aware of strange emails from you.
10. Connect to the internet only AFTER all the above have been done.
11. Change the passwords on all online accounts. Even better – access a “safe”, uninfected computer, and change your online account passwords RIGHT NOW.
Be careful out there – don’t help the bad guys mess up your machine.
The Old Wolf has spoken.