REALLY scary incident....

Discussion in 'PC/Windows/Linux' started by Butlerkid, Feb 6, 2018.

  1. Butlerkid

    Butlerkid Cafe Ambassador Moderator

    Apr 8, 2008
    Rutledge, Tennessee
    Karen
    I was on the internet......and decided to go to the website for the tour leader of our trip to Iceland. (not sure the specific website had anything to do with the following since I have gone back to the site after all this happened).

    All of the sudden a new window opened and a recording started saying....

    You have been infected
    Error code 0x80072ee7
    your credit card data is being sent to another IP address
    your personal information is being sent to another IP address
    you must call 800-725-4182 immediately so we can help you remove the virus

    if you don't call us immediately - if you close this window or shut down the computer - we will block your IP and internet access and report you so your computer does not infect other computers....

    This recording went on in a continuous - VERY high pressure - message.

    I called the 800 number but refused to give the person access to my computer. She finally hung up on me. I Googled the error code but found little on the internet.

    I called the 800 number back about 10 minutes later....and got the same person! Highly unlikely if I was really calling Microsoft Windows support center!

    I ran Defender and it said no virus - no problems. So I shut the computer down!

    Restarted the computer.....ran Defender and Malwarebytes......again no problems!

    Problem has not re-occurred.....hopefully it won't!
     
    Last edited: Feb 6, 2018
  2. crazy

    crazy

    Feb 5, 2009
    NC
    I would keep a very close eye on the credit card transactions.
     
  3. Butlerkid

    Butlerkid Cafe Ambassador Moderator

    Apr 8, 2008
    Rutledge, Tennessee
    Karen
    Yes, we do that constantly. However, I don't keep credit card info on my computer....so hopefully this won't be a problem. We leave for Iceland next Saturday....
     
    • Like Like x 1
  4. Baywing

    Baywing

    Feb 22, 2005
    CT USA
    I would download and run Malwarebytes. They have a free version that has been very good to me.
     
  5. I would agree with Baywing on running Malwarebytes Karen. This is scary stuff alright.
     
  6. Butlerkid

    Butlerkid Cafe Ambassador Moderator

    Apr 8, 2008
    Rutledge, Tennessee
    Karen
    Sorry forgot to add that. After restarting the machine I ran Malwarebytes......no viruses.....no quarantines..... I added that info to my original post.... THANKS!
     
  7. TonyW

    TonyW

    Jan 15, 2010
    UK
    As you are probably now aware these are Tech Support SCAMS. Designed to part you from your savings.

    Never respond to such.

    Defender not good enough to catch them most of the time.

    Remove Tech Support Scam Pop-up Virus (Call For Support Scam)

    Edit: Just seen that you ran Malwarebytes. You probably just clicked on a trigger for the scam site by accident then.
     
  8. Yes a scam. Best to ignore them. Have a great trip.
     
    • Agree Agree x 1
  9. Butlerkid

    Butlerkid Cafe Ambassador Moderator

    Apr 8, 2008
    Rutledge, Tennessee
    Karen
    I was astounded by how the HUGE the pressure was to let them "fix it"....but I kept my wits about me and even though the pressure level was high....at it appeared that my computer was frozen.....I relied on common sense and analysis!
     
  10. Of course the business about sending your credit card and personal info to another IP address was just to get you to call that number and give them access to your computer. I'm sure no harm was done since you did not give access to your computer, which was the main thing they were trying to achieve.

    But thanks for the heads-up. I seldom turn on the sound on my computer so I would not have heard the message.
     
  11. I get these type of messages occasionally. I'm not sure how I trigger them. They freeze the browser but ctr/alt/delete opens the task manager so I can shut the browser and reboot. I never find anything with Malewarebytes or McAfee virus scan. Now that I'm clearing all my cookies and trackers every day I hardly ever see them any more. It's definitely just a scam to try to infect your computer and steal what they can.
     
  12. Pawl

    Pawl

    577
    Aug 10, 2013
    EC
    Well played!
    In retrospect there are always improvemnts in action or response but as you point out, the main thing is you didn't grant them access nor give them any information, congrats.

    Oh, just had a thought, you mustn't now go to Iceland but as a special favor I'll go for you just send the tickets and details OK? :p
    Seriously don't worry you escaped.
     
  13. menbrial

    menbrial

    Apr 30, 2006
    colorado
    Never ever call those 1 800 back ....
     
  14. rick_reno

    rick_reno

    Dec 3, 2012
    N Idaho
    Desmond could fix that computer for you.
     
  15. Growltiger

    Growltiger Administrator Administrator

    You should NEVER phone a number that pops up. It is always a scam.

    I have an elderly relative who fell for it. She gave them her credit card number and paid, and gave them remote access to her machine. They then infected her machine so that she would have to keep paying every year (as it stops working unless she keeps paying).

    I tried to explain to her what had happened to her but she insisted that they were nice helpful people who had solved her problem. Despite trying my best, she believed them, not me.

    (The pop-up can simply be a normal pop-up from a website. That is why your machine shows no malware on it.)
     
  16. Yes, ignore all those popups - but seeing one for the first time can be scary. Hopoe it doesn't happen again.
     
  17. davidzvi

    davidzvi

    Apr 30, 2005
    Massachusetts
    David
    I use to get calls from "Windows support". My normal response was the I was running Linux.

    On a serious side. We use four credit cards.
    1. Stores, restaurants, etc
    2. Online purchases
    3. Monthly auto payments
    4. PayPal
    We got tired of changing all our monthly auto pay because of the retail hacks.
     
  18. Ditto for me. My tech guy told me that anytime I get any pop up or similar "threat", rather than using the normal shutdown procedures, it is best to use the ctl-alt-delete method of bringing up Task Manager and then shutting down the browser from there. I have no idea how accurate his advice is, but I have done so ever since and so far, fortunately, I have not been infected.
     
  19. That's how I handle it...when an unwanted pop up is stuck on my screen, I press CTL-ALT-DELETE and then shut the browser down from Task Manager. I then run Malwarebytes.

    Glenn
     
  20. Baywing

    Baywing

    Feb 22, 2005
    CT USA
    I've gotten the scam Windows phone calls, caller insists my machine is spreading a virus throughout the internet. I laugh at them, my phone number is not associated with any Microsoft app. They have creative names, I've been called by John Wayne, Ron Reagan, Kirk Douglas and others. I had one that kept calling back until I told him to keep talking so I could get a trace on the line. That put a stop to that.
     
Loading...
Similar Threads Forum Date
How much RAM is really needed with new DSLR's? PC/Windows/Linux Nov 13, 2015
Are the new Haswell procs really worth it? PC/Windows/Linux Jul 13, 2013
Do people really use new laptops? PC/Windows/Linux Mar 10, 2013
Do I really need a new Laptop (advise sought) ? PC/Windows/Linux Oct 14, 2012