ARTICLE: Popup Scammers’ Plan of Attack

More common to encounter than viruses these days are scammers; they’re not interested in infecting or damaging your PC, but in taking your money.  There’s a typical plan of attack scammers follow, and the sooner you realize it’s a scam the less costly damage control will be.

STEP 1: Getting You to Call Them (fearmongering and lies)

The most typical method scammers use for you to call them is through a pop-up window that appears while you’re browsing the Internet.  Often through clicking innocently enough on advertisements or “click bait” articles, you will go to a site that then produces a concerning pop-up message.

At this stage, you’re likely not infected by anything.  Whatever the pop-up is saying is simply a scare tactic to make you react right away. “Don’t call your local technician, don’t call a family member or friend, just call us right now!”

The pop-up is often a “sticky” one that doesn’t easily close and sometimes has an audible message speaking. Though there are more advanced ways to forcefully close the offensive window, sometimes you can resolve this by simply restarting Windows.  Once Windows starts back up, reload the web browser.  Depending upon how it’s setup the browser may ask if you want to reopen/restore websites you were previously in.  Do NOT!  Return to your normal homepage and everything should be right with the Internet once more.

STEP 2: Let Them Remotely Connect to Your PC (the foot in the door)

If you do call the phone number, you’ll be in touch with a scammer who’s first task will be to get you to let them connect onto yourPC.  The software they use varies and is often legitimate software; but, as with any tool, in the wrong hands it can do great harm.  In this case, you have now given a scammer significant access to your PC. They can see your screen, move your mouse, and perform other tasks in the background.

The problem at this stage and onward is that even if you decide this is a scam and hang up on them, they’re still on your PC. Even if you turn your computer off or disconnect the Internet, the software may still be installed. When you inevitably power back on and reconnect to the Internet, the remote software will still be there, waiting to automatically re-establish a connection back with the scammers.

STEP 3: Convince You There’s Something Wrong on Your PC (& that only they can fix it)

The “people skills” of the scammers vary, but their ultimate goal once connected to your computer is to convince and reaffirm to you that there’s something wrong with your PC, that they’re the only ones who can fix it, and that it must be addressed immediately. This all plays into keeping the momentum moving towards their end goal, and the less time you get to second-guess your decisions or what they’re doing on your PC the better it is for them.

The scammer may look like they’re performing initial scans or checking log files all in an attempt to play the part of a diagnosing technician.  Even if there is a legitimate issue with your PC and the scammer acknowledges it, that only helps their end goal; but that goal isn’t to fix your computer.

STEP 4: Getting Your Credit Card Info (damned if you do, damned if you don’t)

This is what the scammer has been leading you to: getting your credit card information and paid. They may offer a flat or annual charge and provide you with contact information (typically in a text file on your desktop screen).  You are in the scammer’s endgame, and it’s possible that either decision you make here will have negative consequences.

If you provide your credit card information, they will charge you and leave.  They’re job is done, and they’ll typically just move on to the next person that calls the phone number from the pop-up scam message.  The remote software they used will likely remain on your PC giving them the ability to remotely reconnect.

If you refuse to provide your credit card information, things can get dicey.  The scammer usually becomes more aggressive and may cause problems on your PC.  Remember, your computer is in a compromising position with them currently on it with significant access to do some damage.  The remote software they’re using is still active even if you hang up on them.

What Can You Do?

Don’t call the phone number. The pop-up message is a lie. You may need assistance removing the message, but don’t ask the scammers for that help.

Don’t let them onto your PC.  OK, so you called the number.  Don’t bother talking to or convincing them that your PC is fine or that what they’re doing is wrong.  Think of them as drug dealers: for them it’s just a business, and you’re wasting your time trying to make them feel bad about it.  Just hang up.

Don’t give them your credit card information.  OK, so you let them onto your computer.  It’s best to follow the old adage to “never negotiate with terrorists or give them what they want”.  Immediately power-off your PC by pressing and holding the power button for 5-10 seconds.  Yes, it’s not a recommended method, but this is an emergency and you want to severe the connection the scammers have with your PC right away. Leave the computer off and call BRETT-TEK.  The remote software that the scammers used must be removed before the system is reconnected to the Internet.

A Story of a Scammed Client

Here’s a clip of me describing an experience I had with aclient and his PC when an aggressive scammer decided to do more than just “fix” his computer.

A Story of a Scammed Client

I’ve helped hundreds of local clients who’ve either been victims of scams or were in the process of being scammed.  Sadly, even if just a fraction of the millions of people scammers reach provides them with money, they’ll continue to do this.  If you’ve been the victim of a scam or worried someone you know has been, please call BRETT-TEK.  We can perform a check on your PC and help resolve what they may have done to it.