Recently I’ve seen a particularly clever scam going around. Usually it works like this; you click on a link, or mistype a URL. Suddenly, a box pops up, or a message appears in the browser warning that a virus, or malware, has been detected and you should call Microsoft at a given phone number.

Scam Examples

Sometimes there’s even a loud claxon that will play repeatedly. Everything about this is designed to panic you into calling that number. It’s a scam. Whatever you do, don’t call that number! 90% of the time, all you have to do is close the browser window. In almost every browser, you can do this by pressing Ctrl + W on Windows, and Command + W on a Mac.

If this happens to you, don’t panic. Just contact me, or a tech guy you trust. We will be able to tell you if there’s a real problem or not. I don’t charge my clients anything if they’re worried about a webpage or an email and ask me to check it out.

If you call the number you will be connected to a person claiming to be either a Microsoft technician, or a Microsoft Certified technician. They’ll give you an ID or reference number that you have no way of checking. They can be very convincing. Their goal is to get you to allow them to remote into your system. Do NOT do this. Most of the time, until they remote into your computer, there is nothing actually wrong with your system, aside from a scary web page. Once they get access to your system though, the first thing they usually do is run a “scanner” that finds a bunch of malware on your system. The trick is that the scanner actually installs it, and then finds it. At this point, they will make you pay them several hundred dollars in order for them to remove the malware. Then they download a real security tool like Adwcleaner or Malwarebytes to remove the stuff their “scanner” installed.

If you did let them “fix” your computer, you need to immediately remove everything they installed, especially the software that they used to remote in. As long as that’s still installed they still have access to your computer. Once you’ve uninstalled everything, run an anti-malware tool like Adwcleaner or Malwarebytes, and then run an anti-virus tool like BitDefender. You’ll want to repeat this process until the scans comeback clean. Next you’ll want to contact your bank or credit card company and discuss with them your options. Some attackers will get you to fill out a form authorizing them to do the work. This may preclude you from disputing the charge, but if the bank considers what they did fraud, then the coerced authorization form may not mean anything. When discussing with the bank, remember there wasn’t actually anything wrong with your computer before you contacted the attacker. It’s worth a phone call. Finally, if you don’t have a tech guy that you trust, find one. A five minute phone call can save you hours of work, and months of worrying about identity fraud. You can always contact me, I’m pretty awesome ;)

The lesson here is NEVER, EVER, EVER, EVER, EVER let anyone that you don’t trust have access to your computer.