The Fake Support Popup Scam

You're researching work stuff on the Internet, click a link, and blam! Big scary website pops up with text, images, and a talking voice that your computer is infected with a horrible virus. The website says you need to call Microsoft at the provided phone number so they can clean your computer and you can go back to work (or Facebook; we're not judging). You try closing the window, but no good. It won't let you close it and the pop-up alert keeps coming back. So what's the deal here? Are you really infected?

The Scam Website

What It Does

You're not infected by anything and they don't have access to your computer. This scam is pretty common so don't feel bad if you get caught by it. This is actually a website that's making pop-ups so fast that you can't close them so it looks like the computer is locked. These days Chrome and Edge are pretty good about preventing repeating pop-ups but they still manage. These nasty little scam sites have a few ways of trying to snare people.

  • Google search results are the most common. You search for something somewhat niche and click the top link. They've done a bunch of scammy things to get their website above the legitimate site so you get the scam popup website.
  • Shady or compromised ad networks are also a common attack vector. You may have noticed that a lot of sites have little ads at the top of bottom. These ads come from ad networks that pay the site owner to allow them to show ads for their customers. Some of these are shady and allow ads that use various means to make these popups.
  • Compromised or scam browser extensions can also bring a lot of nastiness with them. These extensions are commonly downloaded to do things like download YouTube videos and Google doesn't like people doing that so you have to go to the shadier side of the Internet to get them. These extensions aren't properly vetted by Google so scam code could be in them that makes pop-up sites including these scams.

So now you know you're not actually infected with anything, but you still have this annoying pop-up on your screen that you can't make go away. Best way to make it go away is:

  1. Press CTRL+ALT+DEL (If you're on a Windows computer) to bring up the Windows Security menu
  2. Click on "Task Manager" to show all the programs running on your computer.
  3. Click on the program that you're using to browse the Internet. Usually Chrome, Edge, Internet Explorer, Firefox, or similar.
  4. Click on "End task" at the bottom right of the window to close that program. This will make the browser close and also close the scam pop-up site.
  5. Make sure to not click "Restore session" when you open your browser again so you don't get the same site.

If in doubt, you can also hard power your computer by holding down the power button for fifteen seconds. You'll lose whatever work you had open but it'll for sure close your browser.

You're probably wonder what's the point of this scam. The pop-up window will try to get you to call a phone number to connect you to their ever so helpful tech support staff. In reality the people on the other end of the phone are the scammers and they're going to convince you to give them access to your computer to "clean" it. They're going to install some remote access software, likely some keyloggers, try to take your sensitive files, get you to pay them for it, and then close the browser window to show what a great job they did.

Identifying Traits

Microsoft never uses alerts like this. We've never seen them send e-mail, call people, or otherwise reach out in any capacity. This is the sort of thing they stay out of.
Poor spelling is a common trait of these scams. Real alerts would have been checked by someone with spell checker before they made it into the program.
The website address isn't where you meant to go. Check the address bar in your browser for what website you're on. Likely you're on something totally random or a misspelling of the site you meant to go to. Scammers often try to trick people by using misspellings to pretend to be legitimate companies.

As always, if in doubt, contact us and we'll be happy to check it out for you.

in News