I have been getting a lot of calls about this one, and I finally was able to get a screen print of the message. When this happens to you – DO NOT CALL the provided number. You will end up allowing them to connect remotely and then they will convince you to spend $300 to fix the problem. You do not really have a problem, until you make the call. To fix this, read to the bottom.
This alert opens when you use your web browser. Notice that the message box starts with “This site says…” The first question is why would a WEB SITE be saying anything about your security? This fake alert exploit is evidently able to determine your Internet Service Provider, probably from your IP address. This one happens to reference Comcast. All this is designed to make it more believable. Some many of the calls I have received have been from people AFTER they have called the number, allowed a remote connection, and paid $300 by credit card, so this obviously is a very compelling scam.
So I decided to play along and call the number. When I called the number, I was directed to a call center somewhere that sounded a lot like the Indian subcontinent. They took my name and phone number, then had me open a Run command by pressing the Windows key + R. Then I was directed to type “iexplore www.btpl1.com” which opened Internet Explorer and took me to a web site where I was invited to set up a remote control connection. At this point I bailed on the call. Had I continued, the “technician” on the other end of the call would have had full control over my computer and been able to do anything, search for anything, or install anything he wanted to. Some victims have told me that if they hung up they would get a call back from a very persistent agent who then convinced them to resume the scam. This is why they get your phone number early in the process.
In the case of the client who had saved the pop-up message for me, I was able to clear the message simply by restarting the computer. Then I went to the control panel to Internet Options, the Advanced Tab, and reset the browser settings. I also manually reset Chrome. This solved the problem with the pop-ups. Scanning with Windows Defender and Malwarebytes came up clean.
Please do not fall for this scam, or other ones like it. No one is monitoring your computer at “Microsoft” or “Tech Support.” These guys are simple scammers trying to part you from your money.
Share
SEP
About the Author:
I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com