Over the last few weeks I have received an increasing number of calls about users receiving various versions of the picture below. This stuff is called ScareWare. The simple fact is that the “bad guys” have found it easier to attempt to fool the users into taking action for them; rather than work to beat the security features built in. In this case they attempt to scare you into calling the toll free number and then getting you to let them remote access your computer so they can “fix” it. This is when the damage is done.
The ScareWare shown below is usually delivered as a pop-up message in your Internet Browser, ANY Internet Browser, when you click on a link in the page you are on. The webpage you are viewing is normally a completely legitimate site that has had portions of it hijacked to take you somewhere unexpected or deliver a message like the one below.
In one case a customer actually called the number and allowed them remote access. When it was finally reported to me I found all the passwords had been removed. I found/removed about 20 items of Malware that had been installed that day. ALL the internet Browsers had been hijacked to take them to a specific website no matter what you had set as your default – even if you reverted the browser back to factory defaults. I am still in the process of trying to detect whatever hidden items might have been installed when remote access was given. In some cases a complete reload of the PC operating system may be required.
In my experience NO reputable antivirus vendor, including Microsoft, will post a pop-up like this giving you a toll free number to call into – NO MATTER HOW LEGITIMATE AND REALISTIC THE POP-UP APPEARS.
If you get a pop-up like this you should immediately contact me or your supervisor so this situation can have the appropriate corrective action taken. Normally the pop-up itself can be dealt with fairly easily with no damage done. DO NOT call the toll free number, click on any link that may be in the pop-up, or allow anyone but a previously and personally known trusted source remote access to your computer.
In closing be a smart and conscientious Internet user. Understand that there are dangers out there and people trying to take advantage of you. If something comes up offering to help you fix a problem be suspicious and contact your own known repair source and let them troubleshoot the situation. Please call/contact me if you have questions, comments, or concerns.
Linn Allen, Computers/Networking Specialist
Harry’s Business Machines
lallen@since1928.com
