Outline:
“Critical Alert” message that may appear while you are web browsing claims that your computer has been blocked due to virus and spyware infections and your personal information is being stolen. It urges you to call a listed support number immediately to get help with the problem. The page that triggers the popup appears to be part of the Microsoft website and features Microsoft logos, banners, and links.
Brief Analysis:
The claims in the alert message are false and the page has no connection to Microsoft. Your computer has not been blocked and the page has not detected any virus infection or information theft. The message is designed to panic you into calling criminals masquerading as tech support workers. If you call the listed number, the criminals will try to trick you into providing your credit card details, ostensibly to pay for your computer to be fixed. You may also be tricked into downloading remote access software that will allow the criminals to install malware on your computer and steal your personal and financial information. The scam popup window may be difficult to close and may keep reappearing. See the detailed analysis below for more information.
Example:
** YOUR COMPUTER HAS BEEN BLOCKED **
Error # SL9DW61
Please call us immediately at: [Phone number removed]
Do not ignore this critical alert.
If you close this page, your computer access will be disabled to prevent further damage to our network.Your computer has alerted us that it has been infected with a virus and spyware. The following information is being stolen…Facebook Login
> Credit Card Details
> Email Account Login
> Photos stored on this computer
You must contact us immediately so that our engineers can walk you through the removal process over the phone Please call us within the next 5 minutes to prevent your computer from being disabled.Toll Free: [Phone number removed]
Detailed Analysis:
Imagine that you are browsing the web looking for information or simply for entertainment. You click a link and, suddenly, a rather scary “critical alert” message pops up in your browser. The message warns that your computer has been blocked because of a virus and spyware infection and, due to this infection, your personal and financial information is being stolen.It instructs you to call a toll free number immediately so that the “engineers can walk you through the removal process over the phone”. It further warns that, if you do not call within 5 minutes, or if you close the page, your computer access will be disabled to prevent further damage to the network.
The page behind the popup alert appears to be part of the Microsoft website and includes the Microsoft logo and other seemingly Microsoft related elements.
However, the supposed warning is a scam. It is not associated with Microsoft in any way. Nor has it detected any virus infection or theft of information. And, despite the claims in the message, the “engineers” do not (yet) have any control over your computer and certainly cannot disable access if you fail to call or if you close the website.
The warning is just a nasty ruse designed to panic you into calling online criminals posing as Microsoft tech support workers. If you do call, the scammers will claim that you must first download a remote access program that will allow them to take control of your computer and – supposedly – deal with the virus infection. Once the scammers have gained access, they can install malware on your computer. This malware can run silently in the background and harvest information such as your online banking passwords and social media account login details. And, while they have access, the scammers can troll through your files for information they may want to take.
The scammers will also demand that you provide your credit card details over the phone, ostensibly to cover service charges for repairing your computer.
These scammers can be quite intimidating. They may claim – falsely of course – that you may be fined, or even arrested, if you do not immediately comply with their instructions.
If one of these scam warnings appears in your browser, do not call the listed number under any circumstances.
You may find it difficult or impossible to close the popup window. Or, if you can close it, it may keep reappearing. If so, you will need to terminate the processes associated with your browser by taking the following steps:
Windows Computers
1: Hit “Control – Alt -Delete” on your keyboard and then click “Task Manager”.
2: With the “Processes” tab active, highlight any processes related to your browser and hit the “End Task” button at the bottom of the Task Manager window.
Mac Computers
1: Hit “Command + Option + Esc to open the “Force Quit Applications” window.
2: Select the name of the browser you are using and hit the “Force Quit” button.
It would also be wise to scan your computer for malware. We recommend Malwarebytes, which is free for home users.
These browser popup tech support scams are very similar to other tech support scams in which the criminals call you rather than the other way around.
