Opinions, suggestions, recommendations or ideas found on our site are applied at your own risk. More.
Scams - It can all go wrong very quickly if you are not careful!
There is an increasing presences of scams attempting to get remote control over computers. Once the scammers have control, they will cause problems (that never existed to begin with) and demand payment to fix those problems. If you do allow control and then change your mind about it, shutting down/restarting the computer will likely result in a relaunch of the remote session and/or they will call you back (over and over).
See also Task Scheduler corrupt? and Avoiding problems - Internet searches.
The three common scams are:
- You are having problems with your computer, you do an
Internet search for technical support. Chance are good the
results will have sites you should not visit! See our
Who can you trust? page.
-or- You receive a unsolicited phone call informing you someone has "detected" a problem on the computer, and/or this is so and so from IT, or from some official sounding, or well-known company. - You stumble upon a bad site that presents an error message on screen along with dire warning not to shut off the computer and with a phone number to call. The message may even appear to be from your ISP (Windstream, Midco, etc.).
- You receive an email with a lot of your personal information, e.g., email address, name, mailing address, ISP information. The article on that.
See also our November '17 and March '18 newsletters for more information.
Be aware that these are all scams and here's what you should do:
-
If a phone call, simply hang up (or have a little fun with them and keep them on the line as long as possible without giving them control).
-
If an email, simply delete it but certainly DO NOT click any links or buttons. (Email scams more often lead to a nasty ransomware virus rather than remote sessions.)
-
In the event of an on screen message, shut down/restart the computer. Some of these are simply bad websites that can be closed by pressing Alt+F4 but if that doesn’t work:
-
Try pressing the Window key (lower left keyboard) to access the Start menu. At that point you should be able to see the taskbar where you can then right click open application(s) and close them, then finally Windows key and shut down the computer. Restart and see if everything is ok.
-
Press Ctrl+Alt+Del, open the Task Manager, move to the processes tab, locate iexplorer.exe (chrome.exe or whatever browser is being used) then right click each of those processes and End the Task.
-
Worse case/last option, hold the power button until the computer shuts off but any unsaved work will probably be lost and if Outlook was open, a data repair may be required. But this is also hard on the computer, see hard drives.
-
Note: If upon restart of the computer and opening the Internet the same site comes back, the home/start page was hijacked. See our March '17 newsletter.
More recently they are calling representing themselves as from Windows - but who is Windows? The company name is Microsoft! Who by the way will never call you. Here is a Microsoft article worth reading:
-
How to recognize phishing email messages, links, or phone calls
- “Remember, Microsoft will never proactively reach out to you to provide unsolicited PC or technical support. Any communication we have with you must be initiated by you.”
But what to do?
DISCONNECT FROM THE INTERNET, even if you have to unplug the modem/router!
Then...
Look through Programs and Features for any remote software like LogMeIn, TeamViewer, GoToMyPC, Citrix, Go To Opener, etc. and uninstall any found.
Look in the Task Scheduler for any reinstallers. Look in MSConfig for remote services. Do deep scans, see our Infected? page.
Phony Internet or Email warnings include just about anything you can think of.
Email scams near bottom of this page. The more popular Internet warnings are something to the effect that:
- Your computer is infected
- Your hard drive is about to fail
- Someone has taken control of your computer
- Something needs to be updated before you can proceed (Flash and Java are the popular ones)
Driver Updates are likely Scams!
ANY driver or update needed, will be obtained via Microsoft's update or the actual manufacturer's site directly. You do not need a third-party "driver update" software and certainly do not call a number or click some random link or notice that appeared on screen indicating a driver is needed - see Internet page scams below!
- Window updates:
- Windows 7 and Vista, the icon is found in the Start menu
> All programs (or the Control panel)
- Windows 8 use the Window key (on the keyboard) X to open the menu then select Control Panel.
- Windows 10 via the Start menu > Settings > Update and Security
- Windows 7 and Vista, the icon is found in the Start menu
> All programs (or the Control panel)
- For any computer manufacturer item, go to that manufacturer's support site, but see warnings about searching the Internet for computer support in our October newsletter.
Hyperlinks, email included(discussed below) are not always what you expect!
In the Internet
Explorer, hyperlinks show their true destination in the status
bar... For example, a link may read one thing but looking at the status bar you
may see something else. Example:
http://www.microsoft.com is actually a link back to our
site...
If you do not have a status bar, turn it on, see this.
Internet page scams
ANY dire warning with a phone number to call is a scam! Just restart the computer.
If you do stumble upon anything like the
examples below, don't click anything, instead "X"
out of
Internet altogether. If you cannot "X" out, end
the process(es) as discussed near the top. If that does not work, reboot the
computer!
This first one from a completely legitimate site. Don't click anything, instead bring up the Task Manager (Ctrl+Alt+Del) and end all iexplorer processes. If using Chrome > end those, if Firefox > end those, etc.
See our Jan '17 newsletter for another idea on killing rogue sites.
All of these are from known Junkware sites listed on our Hijacked! page...
Updates needed - it's all B.S. See Windows update
They can even target based on your Internet provider...
Despite the Microsoft and Google logos,
this one takes you to a site you shouldn't visit.
Likely you will be unable to close the browser normally so don't
click anything but instead, reboot the computer!
This one may come as an email (see below)...
Uninstalling crap
Here's some real crap! "HDQuality" which goes by various other
"HD" names.
You cannot uninstall it without
installing something else unless you very carefully
read the uninstaller options...
During uninstallation some will actually install something else! So read the prompts carefully and if there's an option to do a custom uninstall, choose that, but read the options carefully.
Even more about these types of scams in this ZDNet article.
Another type of scam is to hijack your home page and make it look like a BSOD error...
|
Recently a customer snap this picture of their computer and wondered if it was legitimate. It is not. This is simply a scam website with the browser in the full screen mode where the toolbars, addressbar, etc. are hidden. Try it, press F11 on the keyboard to see what happens. To recover from the full screen mode, simply press F11 again. So once they recovered from the full screen mode, they needed to reset the home page and disable/remove the Internet junk that found it's way in... |
 |
Here's a new one (to us). We received what looked like a
hijack email message but the link was going to google.com so thought
it was safe - WRONG! Some how a Google link that begins with http://www.google.com/webhp?
(with
more characters after the question mark), will automatically
redirect the browser, so watch out for these...
Email scams
There are probably more email scam out there than email addresses. Ok, a bit of an exaggeration but there are a lot! They try to get you to click something. Don't click anything, just delete the message!
If there's any possibility it could be legitimate, lookup the correct phone number and make a call (but be careful doing that too).
A few of the more common messages:
- You won!
- Your long lost relative is leaving you money
- Your relative is in jail
- Amazon, FedEx, UPS, etc. package is on the way or was not deliverable
- Bank or credit card transaction was detected, denied, etc.
- Better Business Bureau has a complaint against your company
- You have a message waiting
- Your domain is for sale, expiring, etc.
We just love this one we received with a subject of "Parking Violation Notice"
|
An Email scam tries to do one things and that is to you to click on something. DON'T CLICK. Always, hover over the link (but don't click) to see what website you will end up at! See if the domain name is familiar or makes any sense at all. To the right cancosm... |
 |
 |
To the left, filmovis... If there is ever any question, hover over the link, record the name and do some diligent research. |
Here is a recent example, notice when we hovered over the apparent Verzion link to "Manage Your Account...", the actual destination was some site starting with alicemiletism...
The always popular, thank you for your order (nice syntax)