Imagine this alert showing up on your screen. Scary thought, right?
This message, and one’s similar, are intended to scare users and force them into acting promptly by calling the toll-free number listed in the alert to fix the issue identified. The problem is, these alerts are completely fake. There is nothing wrong with the computer, therefore there is no need to fix anything.
Over approximately the last year, PC Matic has conducted extensive research regarding this particular tech support scam, deeming it the Fake Virus Scam.
About the Fake Virus Scam
This scam aims to trick users into believing that their computer or device needs to be fixed with unnecessary and costly technical support services. The alert messages create a sense of urgency, making users believe they must call quickly to remediate the problem. They also aim to increase a sense of legitimacy by using a well-known brand, like Microsoft in the alert. Please note, a legitimate Microsoft notification will not include a phone number.
But how does it worm its way onto a computer? Scammers have succeeded in getting an advertisement or pop-up into a user’s browser, probably during a freeware download, which will generate the above alert. Once the fake virus shows up on the computer, the browser appears to be locked. In addition, a voice over may come over your speakers. Below is a recording we’ve been able to obtain of these voice overs.
Just image you’re in a work environment and that comes over your computer. Embarrassing, and highly concerning. By including this voice over, victims are increasingly likely to call the number listed to get the fake virus removed.
Once a user calls the scammers, they will want a large payment or subscription fee to “fix” the computer. They also may offer to sell the user a bogus antivirus program, or some other unneeded service.
In order to install these applications, or “fix” the device, they will request authorization to remotely access the computer. Using remote access, these experienced scammers can misrepresent normal system output as signs of problems. It’s nothing but a scam to get your money, credit card information and access to your computer.
PC Matic employee Michael Hucks, called one of these numbers to see what exactly the scammers are saying. You may listen to his call below:
How They’re Getting Away with It
The hoax uses what appears to be legitimate phone numbers to build trust with the victim. However, the scam often originates from a country, which will not cooperate with law or regulatory enforcement agencies trying to identify these scammers.
PC Matic has found, most of these fake tech support numbers are directed to one main center which modifies their Urgent Alert messages with new 1-800 numbers every couple of weeks. In just the last three months, PC Matic has tracked 140 different phone numbers tied to the fake virus scam.
Avoid Falling Victim
Wouldn’t it be nice if you never had to receive these messages at all?
Last year, PC Matic recognized the fake virus problem and added a feature, for no additional charge, to their adblocking technology. This technology has proven to effectively and proactively block these threats. In just the last three months, PC Matic has blocked 4,128 of these scams; up to 450 per day. Fortunately, with PC Matic’s superior adblocking technology, users can rest assured in knowing they are protected and won’t be subject to these stressful and potentially invasive and costly tactics.
For those not using PC Matic, there is a way to rid a computer of the scam, after it has populated. In order to do so, complete the following steps:
- Hold down the Ctrl+Alt+Delete keys
- Choose “Task Manager”
- Click on the browser you were using
- Select “End Task”
This will close out the browser. Users may then open the browser again, which should no longer have the alert populate. If the issue persists, reboot the device.
Just One Tool in the Hacker’s Arsenal
This is not the only bogus virus scam going around. Additional fraudulent alerts include phone and email scams. This includes hackers calling a user saying their antivirus solution is going out of business and the caller needs the user’s payment information to send a “credit”. Hackers have also called users claiming that they have been over billed for services, and were making arrangements for a “refund”; however, they need the payment information to issue said “refund”.
Another example are emails promising refunds to users of various programs. An example of a scam email that has been sent out can be seen below. Our team also went through the process of helping users identify these scams here.
Another, includes a fake blue screen of death (BSoD) screen, like what is shown below.
These are just a few examples of the scams that users are falling victim too, but these are the top execution methods to be aware of.
Here are a few things to keep in mind when it comes to these scams:
- If a company is going out of business, and customers are warranted a refund, the company will do so. However, they will not need you to provide your payment information, as it would already be tied to your account.
- If you’re ever questioning the refund or offer — ask for the person’s name and tell them you will call them back. Contact the company, via their support options listed on their original website, to confirm what you were told by the original caller.
- Keep in mind, these scammers are going to push for your account information. They don’t want you calling back, they want you to fall for the bogus scam. Therefore, they’re going to urge you not to call back, and to give them your information now. If it’s a legit company — they won’t care if you call back, your refund will still be there.
- Microsoft NEVER puts a 1-800 number in their BSoD screens, or pop-up messages. These are all fake virus scams.
To read the full Q2 PC Pitstop Newsletter, click here.