The news last night, said a lot of people are getting phony pages on their
computers saying that the FBI has targeted our computer for porno and it looks
serious and once you click on it, your computer locks up and you can’t use it
all; you can’t get rid of it and it costs hundreds of dollars to get it fixed.
Local people are also getting phone calls to this effect and somehow they try
to get you to wire them money through Western Union. Have you heard of this?
How do we avoid it? They said that it isn’t something we download, it just
suddenly appears when we are surfing the web. How can I avoid something like
this?
In this excerpt from
Answercast #68, I look at fake FBI scams and how your own skepticism can
keep you safe.
Become a Patron of Ask Leo! and go ad-free!
Internet scams
Well to answer the question in the middle – yes, I’ve heard of scams like
this for quite some time. They’re really nothing all that new. The phone calls
in particular are a fairly common way over the past couple of years for
malicious parties to gather either your money – or to actually have them take
over remote control of your computer where they then start installing
malware.
Be vigilant
There’s really no way to prevent this in an absolute sense. The single most
important thing you can do is… do what you’ve already done.
Be aware of the issue. Be suspicious; be skeptical.
Understand that, for example, this is not how the FBI operates! They don’t
throw up big warning screens on your computer if they suspect you of
something. If they suspect you of something, they’re going to confirm their
suspicions and then come and have a talk with you person to person.
So, the issue here is that it is really more a matter of education and
awareness. I think that that’s really what the news program was trying to get
across. The important thing is simply don’t fall for these things. If you see
something like this, ignore it. Close it. Move along.
How does it show up?
Now the other part of this is how does this message even show up?
Well, most often, it shows up on websites that are typically less than
honorable themselves. So the number one rule there of course is to avoid
visiting those kinds of sites.
Now what kinds of sites are those?
Well, it’s hard to say. I have an article on, “What
does it mean for a site to be suspicious?” but it’s really vague. It’s
really hard to define in absolute terms. The fact is that even well-meaning
sites can sometimes get hacked and can have malware put on the site that can
then turn around and present you with these kinds of fake or bogus warning
messages.
So, even though you should be avoiding what we might consider to be
“suspicious sites,” it can still kind-of, sort-of happen. That’s why the very
first thing, the most important thing – that the news program and that I would
try and get across to you – is simply that you must be aware.
You must be skeptical… and before (especially before) giving
anybody any kind of money or giving anybody any kind of remote access to your
machine – check it out. Use some other resource that’s not associated with
whomever is calling you to confirm whether or not they’re real.
My guess is (especially on the phone) as soon as you say, “You know, I’ll
get back to you. Leave me your number,” they’re either going to hang up on you
or they’re gonna get pissed. I’ve actually heard them get angry at people for
questioning their motives! As soon as that happens, you know it’s a complete
fraud.
Be aware and be safe.
This particular exploit uses a known vulnerability in Java. Users should either – uninstall Java (if they don’t actually need it), or be sure to keep their Java client up to date.
The vulnerability can be exploited just by opening a compromised website.
I have to admit, the screens (I have heard of ones from various law enforcement authorities, and experienced one myself) are pretty scary.
I may be a bit paranoid in my response. I turn off the PC at the socket, then boot up in safe mode and run all of my deep scans (there may be a ‘system restore’ in there as well). Then I boot in normal mode, make sure my PC works, force an update of all my anti-malware, disconnect from the internet, and deep scan again.
I completely agree with Bob as to what to do. One important point I’d like to add, is that you should not click on the popup at all! Not the little ‘X’ to turn it off or anything. Often, all these buttons are programmed the same so even if you choose ‘no’, the virus still downloads in to your computer.
As far as uninstalling Java, I would never consider it. Period. Almost every thing you do online, and often off-line, requires Java to run.
The popup did definitely come from a ‘compromised’ website or email and originates from Russia. The FBI sent out warning about this two weeks ago. You can Google IC3/FBI to sign up for FBI warnings about scams, viruses and more. They email you almost every day about these things. Good luck!
When I get bogus emails or just stuff in which I have no interest, I just mark them as “Fishing Scams” and I don’t hear from them again.
@Dave
What I believe you may be referring to is Javascript. Javascript is required for the proper functioning of many websites. Java is a program which runs programs which can be run independently or embedded in websites.
I uninstalled Java, and it’s not often that a website tells me I need it to run something on their page. So far, when that happens, I’ve just decided that I didn’t need to run that applet after all. If you do find you really need to run a Java program (there can be important programs you may need to run), then you can install Java with one click from that page.
How do Java and Javascript relate to each other?
Hey y’all
There is a Canadian counterpart. Our computer was recently infected with the “RCMP” version of that nasty virus. The virus locks the computer and then activates your webcam and says “you are being monitored” then requires the user to purchase a code in order to unlock the computer. Then it gives instructions to go buy it from a store like the 7-11! … AND it gives a time frame of 48 hours or be prosecuted for child pornography (and it lists other federal offenses); of course, even though it is alarming at first, if you think about it; ANY computer that was used in serious criminal activity (i.e. child pornography, etc…), the authorities, neither the FBI or RCMP, would send you a message requiring you to buy a code within 48 hours lest you be prosecuted – they would just break into your home and seize your computers and you’d be looking for a lawyer… in prison. In conclusion, if you know you haven’t committed any federal offenses that you know of lately, just boot the computer up in safe mode and delete that bloody thing. :)