holdingthehead

Supposed Microsoft notification of computer blocked

Recommended Posts

er0r-str32.xyz/ fire/ index. php?pn=

This page came up when I opened a web page. (I inserted 3 spaces just in case something could be activated) It claims that www.support.microsoft.com says:

Your computer has been blocked

Error # 268D3

Please call us immediately at ' +1870-376-0812 '  Do not ignore this critical alert....

I read first steps when dealing w/ ransomware, but I am not sure how to carry out many steps. I closed CC Cleaner and my backup. I am not sure if that disables the Cleaner.

I thought that I was not able to open another browser in FF which is what I use but yes I can.

20190105_191216.jpg
Download Image

Edited by holdingthehead
Not best title

Share this post


Link to post
Share on other sites

I suspect that this is a hoax or an amatuer attempt to get the gullible (especially those who have not heard of the excellent work of Emsisoft in this line).

As far as I have been able to determine, the only problem is a supposed web page that is not able to be closed.

I hope my analysis is correct.

Share this post


Link to post
Share on other sites

I decided to force stop the page through task manager before putting to sleep last night.

When I tried Firefox today, at first it would not connect to the internet.  I feared that that was a leftover from the "attack".  But eventually things have normalized.

Is anyone able to comment on this?

Share this post


Link to post
Share on other sites
On 1/5/2019 at 8:59 PM, holdingthehead said:

I suspect that this is a hoax or an amatuer attempt to get the gullible

The screenshot you posted shows what is often called a "tech support scam". Here's some informational links regarding them:
https://blog.emsisoft.com/en/24269/microsoft-calling-mind-the-tech-support-scammer/
https://support.microsoft.com/en-us/help/4013405/windows-protect-from-tech-support-scams
https://www.consumer.ftc.gov/articles/0346-tech-support-scams
https://www.consumer.ftc.gov/features/tech-support-scams

The logon dialog was interesting, as I don't think I've seen that before. It's more than likely just a new tactic to get people to call the phone number in the other dialog that pops up.

 

On 1/6/2019 at 4:56 PM, holdingthehead said:

I decided to force stop the page through task manager before putting to sleep last night.

This is generally the only way to deal with them when you're using a browser that still allows webpages to open modal dialogs that can block access to the browser's UI. Unfortunately some browsers will attempt to restore any pages that were open when it was terminated by the Task Manager the next time you open them, thus reopening the scam.

 

On 1/6/2019 at 4:56 PM, holdingthehead said:

When I tried Firefox today, at first it would not connect to the internet.  I feared that that was a leftover from the "attack".  But eventually things have normalized.

Once the browser was closed, and all instances of firefox.exe were no longer running, then the page is closed and can no longer effect anything. These scam pages generally involve no malware and no exploits (beyond social engineering of course), and they can't make any changes to your browser or your computer without some sort of malicious payload to do that for them.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.