Technology Training


Fake Virus Warnings

Another day and another scam tech support company, or what I feel to be one. This time I can attribute at least 100 fake virus warning sites and domains to them.

This time a message pops up when a victim is browsing (in the case I saw) TV streaming websites.

** YOUR COMPUTER HAS BEEN BLOCKED **

Error # 268D3

Please call us immediately at: +44-800-090-3856
Do not ignore this critical alert.
If you close this page, your computer access will be disabled to prevent further damage to our network.

Your computer has alerted us that it has been infected with a virus and spyware. The following information is being stolen…

> Facebook Login
> Credit Card Details
> Email Account Login
> Photos stored on this computer
You must contact us immediately so that our engineers can walk you through the removal process over the phone. Please call us within the next 5 minutes to prevent your computer from being disabled.

Toll Free: +44-800-090-3856

The telephone number used in this scam is a UK number, 0800 090 3856 (also written +448000903856 or 08000903856).

A small JavaScript file controls the telephone number that shows on the scam warning.

If these tech support liars call you back, their caller ID shows as +18443073377.

Needless to say, the message is a lie: there is no infection on the computer, and computer access (other than the scam message itself) will not be blocked.

When the victim calls, they are given the standard scam tech support routine of being shown the “scary errors” in Event Viewer and stopped services in msconfig (all normal!).

Their fixes (for which they charge $400) seem to be:

1) Running a .bat file to clear the event viewer history.
2) Running SUPERAntiSpyware to close the web browsers and clean cookies.
3) Installing CCleaner.

Entirely not worth it, and their initial sales pitch about infections, firewalls and risks is fiction.

The company that tried to take payment is:

“US Software Solutions Inc.” or “ALW*ussftwrsolution8882551137”.

The domain I came across has the following whois information:

Registrant Name: Ajay Kumar
Registrant Street: C-45, Sec- 5
Registrant City: Noida
Registrant State/Province: Uttar Pradesh
Registrant Postal Code: 201301
Registrant Country: INDIA
Registrant Phone: +91.8802175217
Registrant Email: kidanumer8171@gmail.com

So what is WHOIS, you ask?

Every year, millions of individuals, businesses, organizations and governments register domain names. Each one must provide identifying and contact information which may include: name, address, email, phone number, and administrative and technical contacts. This information is often referred to as “WHOIS data.” But the WHOIS service is not a single, centrally-operated database. Instead, the data is managed by independent entities known as “registrars” and “registries.” Any entity that wants to become a registrar must earn ICANN accreditation. Similarly, registries are under contract with ICANN to operate a generic top level domain, such as .COM, .ORG, or one of the new ones that may soon be under operation.

There is also a scam directed at Mac users:

System Detected Security Error (Error Code : XX00x1) Due to Suspicious Activity. Please Contact MAC Technicians For Help :
‘+ tollfree +’ . Please contact MAC technicians to rectify the issue.
Please do not open internet browser for your security issue to avoid data corruption on your registry of your omacusating system. Please contact MAC technicians at

Tollfree Helpline at ‘+tollfree+’

Tell customer service this error code : XX00x1

PLEASE DO NOT SHUT DOWN OR RESTART YOUR COMPUTER, DOING THAT MAY LEAD TO DATA LOSS AND FAILIURE OF OPERATING SYSTEM , HENCE NON BOOTABLE SITUATION RESULTING COMPLETE DATA LOSS . CONTACT MAC technicians TO RESOLVE THE ISSUE ON TOLL FREE – ‘+tollfree+’

Alert 2

Microsoft System Security Alert

Oops !! Something went wrong with your Unknown OS Platform

Dear Unknown User,

The Website you have recently visited may have downloaded the Malware and Virus on your Unknown OS Platform system.

Microsoft Defender is Suspicious about your Unknown OS Platform System Security.

Your TCP Connection Was Blocked by Your Unknown OS Platform Security System. Your Unknown OS Platform and Internet Explorer has been locked untill we may hear from you to immediately fix this issue.

Please Contact Microsoft Unknown OS Platform Help Desk

Alert 3

********** IMMEDIATE RESPONSE REQUIRED **********

Please contact network administration to rectify the issue.
Please do not open internet browser for your security issue to avoid data corruption on your registery of your operating system Unknown OS Platform. Please contact Unknown OS Platform network administration department at +61-1800-940-863 (TOLL-FREE)

Virus Info:
A Trojan horse, or Trojan, in computing is a non-self-replicating type of malware program containing malicious code that, when executed, carries out actions determined by the nature of the Trojan, typically causing loss or theft of data, and possible system harm. The term is derived from the story of the wooden horse used to trick defenders of Troy into taking concealed warriors into their city in ancient Greece, because computer Trojans often employ a form of social engineering, presenting themselves as routine, useful, or interesting in order to persuade victims to install them on their computers.

A Trojan often acts as a backdoor, contacting a controller which can then have unauthorized access to the affected computer. The Trojan and backdoors are not themselves easily detectable, but if they carry out significant computing or communications activity may cause the computer to run noticeably slowly. Malicious programs are classified as Trojans if they do not attempt to inject themselves into other files (computer virus) or otherwise propagate themselves (worm).

A computer may host a Trojan via a malicious program a user is duped into executing files or browsing internet.
Please contact network administration department at +61-1800-940-863 (TOLL-FREE)

So if you receive one of these messages, don’t call the number. Shut down your computer and, once it has restarted, run your security software and also Malwarebytes to check for malware.
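The alerts quoted above share a handful of tells: a phone number, an instruction to call, a lock threat, pressure to stay on the page, and unfilled placeholders such as '+tollfree+' or "Unknown OS Platform" that look like values the page's script was meant to fill in. As an added example (not code from the scam pages or from this post), the JavaScript below scores alert text against those tells; the indicator names, weights, threshold and the benign sample are assumptions.

```javascript
// Added example: weighted indicators for tech-support-scam pop-up text.
// Indicator names, weights and the threshold are assumptions for illustration.
const INDICATORS = [
  // International-format number such as +44-800-090-3856 or +61-1800-940-863
  { name: "phone_number", weight: 2, re: /\+\d{1,3}[-\s.]?\d{3,4}[-\s.]?\d{3}[-\s.]?\d{3,4}/ },
  // Instruction to phone the "technicians"
  { name: "call_instruction", weight: 2, re: /\b(call|contact) (us|mac technicians|network administration|microsoft)\b/i },
  // Claim that the machine is, or will be, locked
  { name: "lock_threat", weight: 2, re: /\bhas been (blocked|locked)\b|\b(will be|being) disabled\b/i },
  // Pressure not to close the page or restart
  { name: "stay_on_page", weight: 2, re: /\bdo not (shut down|restart|close|open internet browser)\b|\bif you close this page\b/i },
  // Placeholder that was never replaced with a real value
  { name: "template_residue", weight: 3, re: /['‘]\s*\+\s*\w+\s*\+\s*['’]|\bunknown (os platform|user)\b/i },
  { name: "urgency", weight: 1, re: /\bimmediately\b|\bimmediate response required\b|\bwithin the next \d+ minutes\b/i },
  { name: "fake_error_code", weight: 1, re: /\berror\s*(code\s*:?|#)\s*[0-9a-z]{4,}\b/i },
  { name: "harm_claim", weight: 1, re: /\bbeing stolen\b|\bdata loss\b|\binfected with a virus\b/i },
];
const THRESHOLD = 5; // a phone number plus "call us" alone (4) stays below this

function scoreAlertText(text) {
  const flat = text.replace(/\s+/g, " "); // alerts are often split across lines
  const hits = INDICATORS.filter((i) => i.re.test(flat));
  const score = hits.reduce((sum, i) => sum + i.weight, 0);
  return {
    score,
    hits: hits.map((i) => i.name),
    verdict: score >= THRESHOLD ? "likely-scam" : "no-verdict",
  };
}

// Samples: the first two are shortened from the alerts quoted in this post,
// the third is a constructed benign message with a constructed number.
const SAMPLES = {
  blocked: "** YOUR COMPUTER HAS BEEN BLOCKED ** Error # 268D3 Please call us immediately at: +44-800-090-3856 If you close this page, your computer access will be disabled",
  macTemplate: "System Detected Security Error (Error Code : XX00x1). Please Contact MAC Technicians For Help : '+ tollfree +'. PLEASE DO NOT SHUT DOWN OR RESTART YOUR COMPUTER",
  benign: "Our office number is +44-800-555-0100. Please call us to book a training session.",
};

for (const [name, text] of Object.entries(SAMPLES)) {
  const r = scoreAlertText(text);
  console.log(name, r.verdict, r.score, r.hits.join(","));
}
```

The same scoring can run over text captured by a proxy, a browser extension or a help-desk ticket, since it only needs the visible wording of the alert.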
