Jump to content
JC_Stewart

Fraudulent Support from unknown support call

Recommended Posts

Glad to have found this thread!  Let me know what you think.    So, while in the process of learning through W3schools website, my premium trial of Malwarebytes ended and I did not upgrade immediately. Historically, I have only used Chrome..   Without real time protection, I clicked IE (bing/edge), typed in W3schools and bam!  The infamous "Your computer has been infected. blah, blah blah"  I shut it down immediately, ran Malwarebytes free version and did not find anything...   The next day, Chrome works fine, but when I clicked IE (bing/edge) and it lit up again.   This time giving me a phone number to call (866) 359-5578 to call with my computer looking like it was truly Microsoft support... The guy on the phone, sounded for real, accessed my computer and installed PC Privacy Shield, showed me all my logins and passwords, credit cards on my PC, really used a scare tactic to get me to purchase PC Privacy Shield. I looked  at the URL,,, did not show Microsoft, I  knew something was up.... In speaking with the technician on the phone, asked how do I get rid of this, can you help me.... are you really with Microsoft,,, this savvy cat showed me several things on my computer to appear like the real thing and even told me Malwarebytes will not protect my computer, not even the Premium... I knew something was up..    I hung up with the dude,  tried to uninstall PC Privacy shield - could not do it.  Went ahead and ran Malwarebytes free version and found 132 trogans!  Obviously quarantined, restarted and computer appears fine - even the PC Privacy Shield was removed.    Purchased the MB Premium, went to W3schools through IE and everything is fine now... No more lighting up my computer.... If anything about PC Privacy Shield is real and legit? Then why is it so difficult?  Was I speaking with an actual Hacker or just a Re-seller trying to scare me into purchasing his product?   As innocent as I was only learning things to better my future, through IE (Microsoft  Bing or Edge) my computer got heavily infected but not through Chrome.. What gives and why?  

Share this post


Link to post
Share on other sites

What you have demonstrated is you received a Microsoft FakeAlert and you ALLOWED a fraudster access to your computer.  That was a mistake.

First I suggest going to the Credit Card company and putting into Dispute any/all charges stemming from the fraud based incident.  You may want that Credit Card canceled and a new card issued as well.

Then I suggest having your PC checked out.  Just to make sure there is nothing lingering.

Please read;  I'm infected - What do I do now?  and then create a post in;   Windows Malware Removal Help & Support  requesting to have your PC checked out after falling for a Tech Support scam initiated by a Microsoft FakeAlert.

 - - - -

I have created a 1series of videos generated from these kinds of fraud sites for the purposes of recognition and education.  They are all  videos from real web sites.  ALL are FRAUDS.

All these have one thing in common and they have nothing to do with any software on your PC.  They are all nefarious web sites meant to defraud you of money. The objective is to, falsely, goad you to make the phone call and pay for some service contract for an incident that never happened.  From there they may continue to charge your Credit Card for other services, remote into your computer and do real damage and/or exfiltrate your personal data and they may use the information they obtain from you to commit additional frauds.

MalwareScam.wmv
MalwareScam-1.wmv
MalwareScam-2.wmv
MalwareScam-3.wmv
MalwareScam-4.wmv
MalwareScam-5.wmv
MalwareScam-6.wmv

I have also created a PDF ScreenShow of a myriad of FakeAlert screens - FakeAlert-Screens.pdf  /  Flash Version

They are all a kind of malicious advertisement ( aka; malvertisement ).

Using Task Manager and Killing the;  Edge, IExplorer, Chrome, Firefox, etc, processes is very effective once you are affected by these FakeAlerts.  Right now, to block it means Malwarebytes needs to know the URL to block.   If you can provide the URL it can be added to the list for Malwarebytes sites to block.

Submissions of suspect and malicious URLs can be performed in; Newest IP or URL Threats after reading;  READ ME: Purpose of this forum

Malwarebytes is creating Beta versions of Browser Add-Ins for Chrome and Firefox to deal with FakeAlerts and other frauds.  But as noted, they are still Beta versions.

Browser Add-On references:
Malwarebytes Browser Extension for Chrome (Beta)
Malwarebytes Browser Extension for Firefox (beta)

 

Reference:            
US FBI PSA - Tech Support Fraud
US FTC Consumer Information -  Tech Support Scams
US FTC - Tech Support Operators Agree to Settle Charges by FTC and the State of Ohio
US FTC - FTC and Federal, State and International Partners Announce Major Crackdown on Tech Support Scams
Malwarebytes' Blog - Search on - "tech support scams"
Malwarebytes' Blog - "Tech support scams: help and resource page"



1.  Also located at "My Online Security" - Some videos of typical tech support scams

 

Share this post


Link to post
Share on other sites

Dave,

Thanks for the quick and helpful response.   Followed your advice and posted my logs on the Windows Malware Removal Help & Support  forum a few minutes ago.  Unfortunately, I did not copy the URL in time last night to save it..Hopefully, installing Premium MB last night saved me in time before anything catastrophic takes place.   Turned off my credit card, changed bank login just to start last night. Now heading to the bank... 

 

Thanks again.

Jim

Share this post


Link to post
Share on other sites
Posted (edited)

yw.gif.d3ef10e0b0f286c9a8045220d72bf9ae.gif

Please note that I am not a member of Staff.  They are Malwarebytes' employees.  I am not an employee. 
I'm just a Forum Member like you but I am in the Forum's Experts group.

Edited by David H. Lipman
Edited for content, clarity, spelling and grammar

Share this post


Link to post
Share on other sites
Posted (edited)
1 hour ago, JC_Stewart said:

through IE (Microsoft  Bing or Edge) my computer got heavily infected but not through Chrome.. What gives and why?  

Screen door with holes in it. But even Chrome can be targeted for malvertising. Every computer I touch has Ublock Origin installed and a few extra filters enabled.

You do not get "infected or compromised" unless you fall for the scam and let someone remote control your computer.

Also NO ONE from "Microsoft" or any other company will ever call you because of any "issue" about your computer. Same scam but different scare tactic.

Edited by Porthos

Share this post


Link to post
Share on other sites

@JC_Stewart

Mr. Stewart, 

We were sorry to hear about this incident, but it seems that you have encountered some false-advertising that was meant to up-sell some technical support scheme.

This could have been any company that has seen our product online and tried to utilize its free version for their agenda here (just as they could have used Malwarebytes), or, a rouge reseller of course. 

ShieldApps' resellers' terms and conditions strictly forbid such foul play or any other abuse, and this would result in immediate termination of such reseller's account.

That said - please send an email to support@shieldapps.com with the reseller's information (the more details the better, so we can track down the account) and we will investigate this case asap.

 

@David H. Lipman

Mr. Lipman, we have been at the forefront of the consumer-cyber-privacy industry for a long time, powering highly reputable companies' products with our technology. 

Our headquarters are in Santa Ana as mentioned, and you are more than welcome to give us a call to discuss any matter directly (direct contacts below).

As far as legitimacy goes, feel free to review our certification in the following links below.

As an expert I am sure you are aware of AppEsteem and their rigorous certification process, which is aligned with both multiple AVs, Microsoft's and Google's requirements as well(!)

https://customer.appesteem.com/home/checklist

https://customer.appesteem.com/certified?vendor=shiel

 

For any further matter, and if you really want our tax ID number for any fun reason, feel free to contact me directly.

 

Dan Elle, Business Development Manager
ShieldApps Software Innovations
Skype: shieldapps.bizdev   |   Dan@shieldapps.com  |  Office: +1 818-934-4403

1820 E. Garry Ave. #106, Santa Ana CA. 92705

Share this post


Link to post
Share on other sites
4 hours ago, Porthos said:

Screen door with holes in it. But even Chrome can be targeted for malvertising. Every computer I touch has Ublock Origin installed and a few extra filters enabled.

You do not get "infected or compromised" unless you fall for the scam and let someone remote control your computer.

Also NO ONE from "Microsoft" or any other company will ever call you because of any "issue" about your computer. Same scam but different scare tactic.

Well I did fall for it and let the idiot remote in..  They did not call me, I called them.... just to see.. (866) 359-5578 is the number and will be sending it to shield apps for review.   I have began the changing all info process yet again...    hopefully Malware Premium is preventing anything from happening now... This has been a huge time killer when I do not have it...my fault.   Thanks again.. 

Share this post


Link to post
Share on other sites
13 minutes ago, JC_Stewart said:

Well I did fall for it and let the idiot remote in.. 

A large part of me getting new clients. I am sorry, On top of you canceling credit cards if you gave them a #. After that kind of intrusion, I never trust a computer till it is reformatted and reinstalled. I know that is like killing a fly with a bazooka but... Scammers have the potential to have installed or copied anything they wanted during the time they were connected. 

I am not trying to scare or make things harder but it is your computer and many will advise that our very own malware removal section can double check and remove issues for you. Yes they are real good but it is a time intensive procedure. 

Be sure once your computer is clean one way or another not before, You should change all your passwords to everything from the already clean computer. 

In the end, You learned some valuable computer lessons. Wish you the best.

Share this post


Link to post
Share on other sites

@JC_Stewart

Steer clear from non-vetted applications such as "Shield Apps" and "PC Privacy Shield".  Any applications that were installed subsequent to the Microsoft FakeAlert and the company associated with the Tech Support Scam behind the phone number (866) 359-5578 can not be trusted.  Chances are the Tech Support Scammer behind the phone number, (866) 359-5578, is an affiliate and received affiliate revenue ( aka; kickback ) for the installation.

If you haven't reviewed the references I previously provided, please do so...

 

Share this post


Link to post
Share on other sites

Dave,

Thanks again, and sorry I mistakenly thought you were with Malwarebytes.. I am bouncing from this forum to the other forum you recommended above.  I followed the instructions and ran Malwarebytes Adwcleaner and found 14 more obljects needing quarantined.  Now I'm filling out the IC3 complaint form and will check out the other links you posted as well.  All while I'm under the gun trying to prepare for a job interview..   This is a wonderful learning experience all at the wrong time..  dab nab it..   Jim 

Share this post


Link to post
Share on other sites

I'm glad to read you decided to file a complaint with the US FBI's IC3.  Tech Support scammers are a real problem and Law Enforcement needs all the information from victims that they can receive.

 

PS:  

Best 'O Luck with that job interview Jim  

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.