Fake Tech Suport PopUp

September 09, 2016

I happened to type my bank name in the browser without the .com on the end. Since I have DuckDuckGo as the default search engine it brought up search results rather than the bank site. The top result looked right in the second I spent looking at it so I clicked it. The next think I know I’m getting a verbal warning that my computer has been compromised and a pop up window giving me the chance to call tech support and fix the problem.

If you don’t know what you are looking at it must be pretty scary. It sounds like the operating system warning you of a firewall breach and telling you how to protect yourself. In fact it is just a website putting up a dialog box and playing a recording. The obnoxious part is that they are blocking the controls that would let you make it go away.

If you kill your browser and let it restore tabs or windows when it starts back up you will be right back where you were. Restarting the machine will get rid of it unless you have your browser set to reopen the last set of windows. The trick to getting rid of it for good is to disable javascript then force the browser to shut down. When you start back up the browser will work as you expect and you can just close the offending tab. Once you have done that you can turn javascript back on and everything is back where you started.

There are exploits that can do more harm than just harassing you for money, but the fact that they are trying to extort you into calling them means it is likely that there has been no permanent change to your machine. Make sure that your normal firewall and malware protection are turned on and running and congratulate yourself on being skeptical of the Internet.

If you fell for a pop up like this and called them and they had you do anything you probably allowed malware onto your machine. Under these circumstances you should get knowledgeable help to repair the harm done and keep track of any signs information removed from your computer is being used. If they got a credit card or banking information from you cancel the transaction and report it to you bank and follow their instructions about how to protect the account from fraudulent transactions.

If you are using a windows machine the steps are basically the same. To kill an unresponsive browser use the task manager. Ctl-Alt-Del or right click the task bar to access the list of running tasks.

None of the operating system vendors would interact with you in this way which is one of the best clues this is bogus. Whenever you see anything like this think back to what you were doing just before you saw the message. If it was clicking on a link in a web browser there is a very good chance someone is out to scam you.

If you do have an anti-malware program running familiarize yourself with the windows that it displays so you can recognize its warnings. Most scams are pretty transparent once you know what is happening.

If you have any questions about something like this, find help on your own. As with anything on the Internet, unsolicited information being pushed to you via web or email is probably harmful. Tread carefully and ask for help from a trusted source. There are people out there who make their living off of trying to fool you. They have a lot of practice and many are quite good at it. Spotting the problem with a Nigerian prince needing your bank information to send you a bunch of money is pretty easy. Scams like these pop ups catch a lot of people.