Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

+44-800-086-9374 scam virus


  • This topic is locked This topic is locked
3 replies to this topic

#1 duffsparky

duffsparky

  • Members
  • 267 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:22 AM

Posted 24 October 2017 - 07:09 AM

Actual ransomware usually will have obvious indications (signs of infection)...it typically targets and encrypts data files so you cannot open them on your computer (and all connected drives at the time of infection), in most cases it appends an obvious extension to the end or beginning of encrypted filenames (although some variants do not), demands a ransom payment by dropping ransom notes in every directory or affected folder where data has been encrypted and sometimes changes Windows wallpaper. Somes types of ransomware will completely rename, encrypt or even scramble file names. Less obvious symptoms include adding or modifying registry entries and deletion of Shadow Volume Copies so that you cannot restore your files from before they had been encrypted but leaves the operating system working so the victim can pay the ransom. Further, when dealing with real ransomware, the cyber-criminals generally instruct their victims to contact them by email or website for decryption...they do not provide a phone number to call for assistance.

Tech Support Scamming through unsolicited phone calls, browser pop-ups and emails from "so-called Support Techs" advising "your computer is infected with malware", all your files are encrypted" and other fake messages has become an increasing common scam tactic over the past several years. The scams may involve web pages with screenshots of fake Microsoft (Windows) Support messages, fake reports of suspicious activity, fake warnings of malware found on your computer, fake ransomware and fake BSODs all of which include a tech support phone number to call in order to fix the problem. If you call the phone number (or they called you), scammers will talk their victims into allowing them remote control access of the computer so they can install a Remote Access Trojan in order to steal passwords and other sensitive personal information which could then be used to access bank accounts or steal a person's identity.

For more information about how these scams work and resources to protect yourself, please read Beware of Phony Emails & Tech Support Scams...there are suggestions near the bottom for dealing with scams and a list of security scanning tools to use in case the usual methods do not resolve the problem or you allowed remote access into your computer.

If you need individual assistance with a possible malware infection, you should start a new topic in the Am I infected? What do I do?


Edited by duffsparky, 24 October 2017 - 07:11 AM.


BC AdBot (Login to Remove)

 


#2 duffsparky

duffsparky
  • Topic Starter

  • Members
  • 267 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:22 AM

Posted 24 October 2017 - 07:55 AM

Ok I've taken much of the above on-board.

 

My problem started with a Popup (see 

 

I've ended up back at the same warning page only this time I took details and a screenshot before pulling the plug (without closing anything down). However, unlike last time, when the PC was rebooted the Popup page, in Firefox, was Pinned to the Task Bar, which I duly unpinned. And after shutting down the PC using the Shutdown command (again without closing anything down) and rebooting the webpage was pinned back to the Task Bar. So I guess there may be some sort of infection.

 

The instructions on the webpage were to phone +44-800-086-9374. An internet search of this number suggests it's a scam virus but I've not seen the websites detailing it before so I've not gone to them just in case they are part of the same scam.

 

Can someone assist with this issue?

 

Many thanks.



#3 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,040 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:22 AM

Posted 24 October 2017 - 12:08 PM

Hi re post and we'll get a deeper look... Do steps 6 and 7 ..

Please follow this Preparation Guide and post in a new topic.
Let me know if all went well..
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#4 Platypus

Platypus

  • Moderator
  • 14,209 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Australia
  • Local time:08:22 PM

Posted 25 October 2017 - 06:25 AM

Continued here:

 

https://www.bleepingcomputer.com/forums/t/661053/possibly-infected-with-44-800-086-9374-scam-virus/


Top 5 things that never get done:

1.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users