(This is a slightly modified version of an article originally published on March 2, 2016. Phony warnings about viruses continue to be the most common online scam in 2017.)
If your computer displays a message while you are browsing the Internet claiming that you have been hacked or infected with a virus, it is a lie by criminals.
Your computer is not infected with anything and you did nothing wrong.
Do not call the 800 number for “tech support.”
You are calling criminals who will lie to you.
If you call the 800 number and give them a credit card number, you will be charged hundreds of dollars for nothing.
The card number is effectively stolen and you will have to cancel it.
If you call the 800 number and give them remote access to your computer, your computer may have been compromised.
Have an IT professional check the computer thoroughly for malware. You may have to wipe it out and reinstall everything from scratch. If your personal information is stored on the computer – passwords, tax information, bank account info, social security number, etc. – you should consider taking steps to protect yourself against identify theft. That might include a fraud alert in your credit report, freezing your credit report, and monitoring your credit report and financial accounts for unauthorized activity.
If you receive a call from someone who offers technical support or who claims your computer has been hacked or infected with a virus, hang up.
You are talking to criminals and they are lying to you.
Please make sure vulnerable people know these rules. Scammers prey on people like your mother, or your colleague who doesn’t understand technology, or the person down the hall who’s easily fooled. Don’t let them be victims!
There has been a resurgence of malicious web popups that display a message claiming that tech support is required to clean a virus or fix a hack. They can appear on Windows PCs or on Macs. They come up on your computer when you visit a website that has been compromised in some way. You might have a typo in the web address you were trying to visit, or you might have clicked on a link to a website that was hacked.
Here’s a screenshot from a client’s computer – a webpage with a popup window in front of it.
A closeup of the window with the instructions.
There are a thousand variations of these windows. They may be accompanied by a loud voice exclaiming that the computer is infected, or a siren or other loud noise. Almost always the windows will be difficult to close.
The warnings are phony. Criminals know a security warning will make you upset and panicky. It’s all designed to start your adrenaline flowing so you move quickly without thinking things through or getting advice. Wired Magazine published an article about a research team that visited tens of thousands of web pages that generate phony warnings and investigated sixty different call centers worldwide running the scam. Why do the criminals do it? They’re making tens of millions of dollars.
If your computer is up to date and you have security software (which is built into Windows 8 and 10), then nothing bad has happened to your computer when this warning appears. As long as you don’t take any more steps to invite the bad guys in, you are still perfectly safe. Close the browser or shut off your computer and you’re done.
One way to close the browser on a Windows PC: right click on the taskbar and click on Task Manager. Highlight each entry for your browser and click on End Task. There are instructions here to help you close the browser on a Mac computer.
After you restart your computer, you may need help from a trusted IT provider if the message reappears, if you see other popup ads or warnings, if ads appear in unexpected ways on websites (particularly in banners at the top or bottom or when you hover over links), or if your home page is changed.
There is more info in this article, Microsoft Does Not Call To Fix Your PC. If they get you on the phone, the scammers all work from the same script. They tell you that your computer will crash or hackers will steal your information if you don’t resolve the situation quickly. They’re trying to make sure you don’t have time to check with anyone or do any research. They will have you open logs on the computer that are unfamiliar to you and will claim that they “prove” you have a problem. In reality, the log entries are harmless and occur during normal operation.
Then they will claim they can repair your computer remotely for a fee. They may stay connected to perform fake repairs or even install legitimate (free) software. In the background, they may be doing anything from installing viruses to downloading your files.
You may see these phony warnings any time when you’re online. The bad guys are buying ad space on legitimate websites and using them to launch the scam windows when you browse to an otherwise innocent page. Just because something is listed in a Google search doesn’t mean it is safe!
Read the Rules for Computer Safety. And never, never, never call the 800 number!