Kirby's Computers of Maquoketa Iowa


Here you will find information on the latest virus and security threats.  News will remain on this web page as long as I am still seeing the threats.

April 12, 2018

I am once again having a lot of people call in with reports that their computers are telling them that they are infected and giving them a tech support number to call.  This is ALWAYS a scam.  Microsoft does not offer end-user customer support for most products.  Your computer simply does not "know" any tech support numbers.  It's not that smart.  If it's giving you a phone number it's because someone wrote software to tell it to give you that number and it is NEVER from an official source.

If your computer is warning you that it is infected and telling you to call a technical support number what you are actually looking at most of the time is a simple web page.  It will warn you not to turn off your computer.  It does that because when you turn off your computer, any web pages which you have open are closed.  While the warning is displayed they have you on the hook.  If you turn off your computer they've lost you.

EVERYTHING the warning tells you can be ignored.  It is all a lie.  Your computer is not infected.  It is safe to turn it off.  No action will be taken by authorities, you do not owe anyone any money, your computer will not break beyond repair, nothing requires your immediate attention and no service or rights are at risk of being lost.  Absolutely everything on your screen is a 100% complete and total lie.

Fixing this issue is simple.  First, unplug the power cord to your modem or router.  You have to disconnect the Internet to make the web page go away.  Next, turn your computer off, exactly what the scammers don't want you to do.  Then turn your computer back on.  Once it boots, open your browser again (your browser is Firefox, Google Chrome or Microsoft Edge).  Wait for it to give you an error, usually that the web page could not be reached, the server could not be found or something along those lines.  Once you see that error, close your browser.  Finally, plug the power back into your modem or router.  Wait 3 or 4 minutes for the device to power up and connect and you're back in business as if it never happened.

IF YOU LET THEM LOG INTO YOUR COMPUTER: The purpose behind the scam is to get you to call the number, where you will get a very helpful person who will offer to log into your computer to fix it for you.  This should be your first indication that this is a scam.  Phone lines and people to answer them are not free.  The computers they are using are not free.  Electricity and office space are not free.  So why would there be someone you could call 24 hours a day sitting behind a computer in an office just waiting to answer your call and help you for free?  A business doing this would go bankrupt overnight.

What they will do when they log into your computer is poke around, usually doing some technical looking things.  They will bring up confusing logs and show you technical information which you likely don't understand.  The purpose here is based in psychology.  They are establishing dominance as the expert who knows all while you are the poor sap who knows nothing, making you feel as if you have to depend on them entirely to tell you what is wrong and what to do about it.  By showing you some confusing things they are establishing trust.  It "feels" like they are actually showing you the proof of what they are saying.  In reality they are just showing you something you don't understand which they can explain to you in any way they like.  No matter what they show you, if you, personally, don't understand it you are relying on their word alone.  But by showing you something and then delivering their claims it "feels" like they are proving their claims.

What they "find" will be scary.  It will often involve your entire network being infected, your personal information being at risk or even the imminent failure of your computer.  It's always really, really bad.  This, again, is psychological trickery.  They invoke a sense of urgency.  If you don't get this taken care of right now, very "bad things" will happen.  If they can get you to panic then your ability to make rational decisions is greatly reduced and you are far more likely to pay to get it fixed immediately.

Then comes the hook, the ask for money.  It's usually around $300 they want, though the amount does change.  They will offer you the world for that.  Not only will they fix your problem, they'll set you up with all kinds of security software to make sure this never happens again.  Sometimes if you balk at the price they will offer you other "packages" at a lower cost.  They've gone this far with you, they want to get something from you, even if it's not the full amount.

What they will actually do is next to nothing.  They will not fix any problem because there is no problem to be fixed.  The software they install is all things you can get for free off the Internet anyway, and much of it is dubious in nature.  They will install a thing or two and do some technical-looking things, but at best it doesn't do anything for you that you couldn't have done yourself for free and at worst actually leaves your computer in worse shape.

IF YOU HAVE PAID THEM: You need to contact your bank or credit card company IMMEDIATELY.  Usually they will just charge the amount that they said they were going to and that will be the end of it, but remember, you just gave your card number to a scammer.  If you're a scam artist and you get me to agree to pay you $300, and THEN you get me to give you my credit card number to pay it, are you going to throw that number away when you're done?  I wouldn't bet on it.  Tell your bank or credit card company that you fell for a scam, see if they can get your money back (they usually can if it hasn't been over a month) and get new cards issued.

DO NOT CALL THEM BACK AND ASK FOR A REFUND, EVER: What will happen if you have your bank reverse the charges?  You'll get your money back and you'll never hear from them again, at least until you come across another web page with the same scam.  They will not come after you.  The LAST thing these people want is to be talking to law enforcement.  What will happen if you call them and ask for a refund?  I did have one customer do that and the person on the other end of the line happily agreed to issue a refund.  The customer just had to let him log back into the computer and remove all the software which had been installed.  The computer came in to me the next day for repairs.  What the scammer actually did was intentionally damage Windows so that the computer wouldn't boot as a punishment for daring to ask for a refund.  A refund, by the way, which the customer never got.

IF YOU CALLED THEM, HUNG UP AND THEY CALL BACK: They WILL call you back if you hang up on them.  They have caller ID.  A call back takes a few seconds and who knows?  Maybe it will work?  So they usually call you back a single time if you hang up on them.  Hang up again and it's usually over.

There is only ONE LEGITIMATE COMMUNICATION you will EVER get about a problem with your computer.  Nobody will call you.  Your computer will not give you a support number to call.  Nobody will offer to help you fix it.  The ONLY legitimate communication you will ever get about a problem with your computer will be from your Internet Service Provider (ISP).  The way you will get that communication is in the form of a web page.  When you try to get onto the Internet, instead of the web page you were expecting to see, you will see a page telling you that the message is from your ISP, that they have disconnected your Internet and that you can call them once YOU have fixed the problem and they will turn your Internet back on.  That's it.  No support, no help, no phone number, just "We turned off your Internet.  Call us when your virus is gone and we'll turn it back on."

AND REMEMBER, EVERYTHING the scammer will tell you is a lie.  You don't have to worry about ANY of it.  It's a scammer.  They're not exactly known for telling the truth.  If they call you, hang up on them.  If your computer says to call them, follow the instructions above.  EVERY time you get a call about your computer, it's a scam.  EVERY SINGLE TIME.  EVERY time your computer gives you a phone number to call, it's a scam.  Again, EVERY SINGLE TIME.  That means that EVERY time the information you are given is coming from a scammer and is all lies.

September 15, 2017

I am seeing a rash of fake tech-support problems lately.  These come in 2 different forms.  The first is a phone call.  Someone will call you saying that they've detected a problem with your computer and offer to help.  This is ALWAYS a scam.  Nobody will EVER call you to inform you about a real problem with your computer.  Why?  Because it is impossible to do so.

There is only one company in the entire world which can both detect a problem with your computer AND figure out who you are, thus, how to contact you.  That company is your Internet Service Provider (ISP), in this area usually CenturyLink or Mediacom.  To be clear, if the CIA detects something on your computer and wants to contact you about it, THEY have to contact your ISP to ask them who you are.  And your ISP will not just hand this information over.  They require a court order to get the information.  What this means is that NOBODY can detect a problem with your computer and give you a call about it except your ISP.  But their business is providing Internet service, not fixing computers.  So they WILL NOT offer to fix it for you.  If they detect that your computer is sending out viruses they will contact you about it, but it won't be a friendly call offering to help.  You will try to get on the Internet one day and, instead of the web page you tried to go to, you will get a nice little message from them saying that they have detected that your computer is sending out viruses and they have shut off your Internet.  To get it turned back on, you have to fix your computer and call the number on your bill to tell them it's fixed and then they'll restore your service.  They will NEVER offer to help.  That's not the business they're in.

The second is a warning popping up on your computer with a scary message about an infection being detected.  This warning gives you a phone number to call to fix it.  The message is very scary, telling you not to close the message, disconnect the Internet or shut off your computer.  They don't want you to do those things because that is how you make their fake warning go away.  This is also ALWAYS a scam.  You are looking at a web page.  Nothing more.  A web page cannot detect issues with your computer.  At least not without initiating a scan from a web page and jumping through multiple security hoops to get the scan going.  NEVER call a number your computer gives you.  Your computer is not a phone book.  It didn't get that number from a legitimate listing.  That number came from the people pushing the warning on your screen.

If you do call the number, again, they will offer to help.  They will direct you to a page to allow them to log into your computer.  They will do a bunch of technical-looking things that seem scary and then they will tell you that they've found a serious problem.  There are hundreds, perhaps thousands of these people out there, so the way they sell it differs.  In one case the guy told a customer of mine that she had half an hour to fix the problem or her computer would just stop working and she wouldn't have one.  In many other cases they tell the customer that their data is at risk.

So how can you know if it's a scam?  Tell them to hold on while you call your computer guy to get his opinion.  They will immediately start telling you that it's a problem only they can fix, that a local computer guy doesn't know anything about this problem or some other lie.  So just tell them that you just want your computer guy's advice first and you'll be right back with them.  They will again insist that you don't need to do that and it would be a waste of time.  Some get angry, some get desperate, but ALL try to prevent you from getting a second opinion.  NEVER TRUST ANYONE WHO DOESN'T WANT YOU TO GET A SECOND OPINION!

January 28, 2013

I just got a fake email purporting to come from Facebook telling me there was a problem with my account and that I needed to log in to fix it.  The link takes me to a hacked web page, which then redirects me to the actual attack page.  This page tells me that I need a plugin to view the content, attempting to get me to download and install the virus.  NEVER click on links in emails telling you that there is a problem with your account.  If you believe it may be real, close the email and open your account directly the way you always go to it, not by clicking on the link in the email.  And NEVER download and install any plugins when you go to a web page and it says you need one to view the content.  Almost never will this be legitimate as most web pages are designed to be viewable, at least in part, without any plugins at all.

 

January 14, 2013

An exploit has been found in Java which is fixed in the latest version.  This is a very serious security issue.  You should update to the latest version of Java, Java Version 7, Update 11, IMMEDIATELY.  You can find the latest version at http://www.java.com/.  When you have updated to the latest version you should go to your Control Panel and, in Windows XP, Add and Remove Programs or, in Windows Vista or Windows 7, Uninstall a Program or Programs and Features (depending on the view settings in the Control Panel) and uninstall any older versions of Java.  You may have the same version installed twice, one 32 bit and one 64 bit, and the 64 bit version is far more likely to be out of date.  If you do not use a 64 bit browser it is recommended that you uninstall the 64 bit version of Java and do not reinstall it.

NOTE: There are still security vulnerabilities in Java which have not been addressed and it may take up to 2 years to get them all patched.  Security experts are warning that if you don't use any websites which use Java it is best to leave it disabled or uninstall it until all the security vulnerabilities are addressed.  Java is currently the most highly exploited program for infecting computers, at about 50% of all exploits found.  If you don't need it, it might be best to simply uninstall it.

 

January 8, 2013

The first threat I will mention is technical support.  I have been seeing this for months and I am still hearing about customers being scammed.  You may get a call from a company claiming to be Microsoft, Dell, HP or some other company with a big name in computers, or you may actually call one of these companies or what you think to be one of these companies, perhaps getting referred to another support number.  While how you get there changes, what happens when you're there does not.

The support person, almost always with a heavy Indian accent, will tell you to go to a web site which will allow them to log onto your computer to help you with your problem.  They will tell you this is free.  Once they are logged onto your computer some of them install vast amounts of spyware and malicious software, but all of them tell you that they have found viruses on your computer.  They then ask you for several hundred dollars for a year or more of protection.  I have heard instances of them trying to sell subscriptions to Microsoft Security Essentials, Microsoft's FREE antivirus software.  I have even had a customer who bought an antivirus product for $30 only to find out that it was what is known as a "rogue security program", a program which, instead of protecting you, is actually the type of software antivirus usually protects you from.

NEVER let anyone you don't know log onto your computer.  ONLY ONE company can detect viruses coming from your computer, your Internet Service Provider.  They will NEVER offer to fix it for you.  They will normally send you an email saying nothing more than that you have a virus and giving you an amount of time to get it fixed before they disconnect your service.  They will not offer to fix it, nor will they offer to sell you anything to fix it.  Always remember that you can NEVER be sure that you are talking to who you think you are talking to.  You may THINK you called Microsoft or HP may have actually given you the support number, but if they want to log onto your computer, chances are it's not them.  And the most important thing of all, NEVER PAY THEM.  You'd be better off giving your money to a charity rather than a scam artist.

Another newer threat I have seen is not computer related, but even more dangerous.  You may get a call saying the IRS wants to talk to you and to press 1 to talk to a person.  They will know your name.  My wife got this call asking for me.  DO NOT GIVE THEM ANY INFORMATION! She did not talk to a person, so I don't know what they ask for, but tax return fraud is at an all time high right now, so undoubtedly they are seeking information they can use to file fraudulent tax returns.  Also keep in mind that when you file your tax returns you give them your address, NOT your phone number.  The IRS generally communicates via the US Post Office, not telephone.

 

Always relevant: Phishing attempts

Topping the "Always relevant" section is a threat which will always be there.  It comes and goes and comes in different forms, but it has existed non-stop for years and will continue to exist for years to come: email phishing.  Phishing attempts are generally pretty easy to spot if you know what to look for.  Some are more elaborate than others, but the signs are always the same.

First, a phishing email will seem to come from an official source.  Some place like a bank, a credit card company, FedEx, UPS, the Post Office, Microsoft or some place where you have an online account such as Facebook or an online game.  When you get an official looking email you need to ask yourself several questions before even opening it.  Have I gotten emails from this source before?  DO THEY HAVE MY EMAIL ADDRESS?  That last one is an important one.  How would the Post Office get your email address if you never gave it to them?

Next, look at the "To" part of the email.  Is there a long list of email addresses?  If so, this is a mass mailing.  There are only two possibilities if it's a mass mailing.  The first is that it's a newsletter or something similarly unimportant.  The second is that it's a scam.  There is no third possibility.  If the email went to many people it IS NOT an official communication of some problem with your account.  One such email I got was a mass mailing and it listed an account number and a due date for a credit card payment.  Obviously I don't share an account number with 20 other people.

If the source it appears to be coming from might have your email address and you think it might be legitimate then open the email and check for further signs of fraud.  The first thing to do is read it over completely.  Is it in perfect English?  Is everything spelled correctly?  If not, it's probably a fake.  These frauds are usually committed by people overseas in countries without extradition treaties with the US.  English is generally not their first language.  Lawyers write official communications for companies.  They rarely contain mistakes.  Capital letters, punctuation, grammar and spelling will almost always be perfect.  And when not perfect, they will be close enough that you have to look hard to find the mistake.

Next ask yourself what kind of information this source has about you.  Do they know your name?  Do they know your address?  Do you have an account number with them?  If so, is any of that information in the email?  Your credit card company will not address you, "Dear Sir or Madame", they will address you by your name and account number.  Some fraudulent emails will give an account number.  Is it the RIGHT account number?  Do you recognize it?  Just because they give an official looking account number doesn't mean it's a real account number.  One email I have seen claims that the United States Postal Service has an undeliverable package and they need you to download a form to claim it.  Who doesn't want a mystery box?  The problem is the USPS delivers packages to specific people at specific addresses, but the email uses neither a name nor an address.  They don't deliver email.  How would they know they had a package for me if they don't know my name or address, just my email address?

Finally, NEVER trust a link or download in an email.  If there is a problem with your online account, by all means, check it out.  But DON'T do it by clicking on the link in the email.  Close the email, open your browser and log into your account the way you always do, by typing it in or through your own bookmarks.  Then you can be sure that you are going to the right place.  If they want you to download something chances are it's a scam.  There are a few legitimate reasons you might be sent an attachment, but very rarely are there official reasons in emails you get out of the blue.  For instance, companies will generally NOT send your financial information over an email.  If the attachment is supposed to be financial information, it IS NOT.  Email is not secure and sending financial information through the email is a good way to get your identity stolen.
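The checks above can also be run mechanically over a raw email.  The following is an added example, not something from this site: the function names, the threshold of 5 recipients for a "long list" and the sample message are all assumptions made for illustration.  It goes one step beyond the list above by also comparing the site a link displays with the site it actually points to.

```python
import re
from email import message_from_string, policy
from email.message import EmailMessage
from email.utils import getaddresses
from html.parser import HTMLParser
from urllib.parse import urlparse

GENERIC = re.compile(r"\bdear\s+(sir|madam|madame|customer|user|member)\b", re.I)
DOMAINISH = re.compile(r"^(https?://)?[\w-]+(\.[\w-]+)+", re.I)

class Links(HTMLParser):
    """Collect (href, visible text) for every <a> in an HTML body."""
    def __init__(self):
        super().__init__()
        self.found, self._href, self._buf = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._buf = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._buf.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.found.append((self._href, "".join(self._buf).strip()))
            self._href = None

def host(url):
    return (urlparse(url if "//" in url else "//" + url).hostname or "").lower()

def phishing_signs(raw, my_name, mass_threshold=5):
    """Return the warning signs present in one raw email message."""
    msg = message_from_string(raw, policy=policy.default)
    text, html, attachments = "", "", []
    for part in msg.walk():
        if part.is_multipart():
            continue
        if part.get_filename():
            attachments.append(part.get_filename())
        elif part.get_content_type() == "text/plain":
            text += part.get_content()
        elif part.get_content_type() == "text/html":
            html += part.get_content()
    parser = Links()
    parser.feed(html)
    body = text + " " + html
    rcpts = getaddresses([str(h) for h in msg.get_all("To", []) + msg.get_all("Cc", [])])
    signs = []
    if len(rcpts) >= mass_threshold:            # long "To" list: mass mailing
        signs.append("mass_mailing")
    if GENERIC.search(body):                    # "Dear Sir or Madame"
        signs.append("generic_greeting")
    if my_name.lower() not in body.lower():     # sender does not know who you are
        signs.append("not_addressed_by_name")
    if any(DOMAINISH.match(label) and host(label) != host(href)
           for href, label in parser.found):    # text shows one site, link goes to another
        signs.append("link_text_mismatch")
    if attachments:                             # a download you did not ask for
        signs.append("attachment")
    return signs

def constructed_sample():
    """Constructed message modelled on the package email described above."""
    m = EmailMessage()
    m["From"] = "Postal Service <notice@example.invalid>"
    m["To"] = ", ".join(f"user{i}@example.com" for i in range(20))
    m["Subject"] = "Undeliverable package"
    m.set_content("Dear Sir or Madame, we could not deliver your package.")
    m.add_alternative('<p>Dear Sir or Madame, download the form at '
                      '<a href="http://claims.example.invalid/form">www.usps.com</a></p>',
                      subtype="html")
    m.add_attachment(b"constructed bytes", maintype="application",
                     subtype="zip", filename="claim_form.zip")
    return m.as_string()

if __name__ == "__main__":
    print(phishing_signs(constructed_sample(), "Pat Example"))
```

An empty result does not prove an email is genuine; it only means none of these particular signs were found.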

 

Older

One threat that has been around a while, but that I still see all the time is rogue security and maintenance software.  NEVER trust a software that will scan your computer for free and ask for money to fix what it finds.  Without exception EVERY one of these programs I have ever tested has been dishonest about the severity of the "problems" it found.  These programs usually do make changes when you pay for them, but the changes usually have little to no effect on how your computer runs and the "problems" they find are generally irrelevant non-issues.  This is ESPECIALLY true for supposed antivirus software.  If a program is telling you that your computer is infected with something and asking for money to fix it THIS IS MALWARE.  It will NEVER be legitimate software.  In short, the software telling you that your computer is infected IS the infection.  NEVER PAY THEM!  The FREE software under the Software/Security section of this website can remove some of these infections automatically.

I DO NOT recommend a registry cleaning software.  Cleaning out your registry has little to no good effect on your computer and can cause problems if the wrong thing is deleted.  If you must use one, use CCleaner listed in the software section of this site.  It is free.

The same is true for programs to help you keep your drivers up to date.  One such software I tested on a brand new computer I had just built and tested myself claimed that of the 6 drivers I had just downloaded the latest versions of, 26 were out of date.  How I had 26 of 6 drivers out of date after getting the latest versions directly from the manufacturer's web site they did not explain.

One problem I don't see too much any more is the FBI warning.  It warns that the FBI detected some non-specific illegal activity originating from your computer and if you do not pay a "fine" they will press charges.  If you pay them, they WILL NOT go away.  The warning will go away for a month or so, but it will be back, demanding more money.  Just for the record, if the FBI finds you've committed a computer crime, they will show up at your door with an arrest warrant.  They will not extort $200 out of you to settle the charges.