Ransomeware during Firefox update on Friday, Oct. 16 2015
On Friday, Oct. 16th 2015, Firefox automatically updated itself on my PC. A common practice that happened many, many time. before. Normally, after Firefox's update... I'm in like Flint !!!
After the updating, I was locked in a loop and couldn't get out of it, nor could I access the web. A window popped up and asked if I needed help. Long story short: I called their Advice Number which I believed was FireFox's.
This consultant said he could help me access the net and asked permission to access my PC. Of course I answered yes. He went through and displayed my PC's internals and told me: "You need to renew Microsoft software". Immediately this sounded fishy to me !!!! I told him I've NEVER had to "renew" anything on any of the PC's I've own over the years. His canned answer was: You were lucky.
He told me I received an email from Microsoft asking me to renew, and must have ignored it. I find that hard to believe !!!
He said I would have to renew and provided the link to do so. What was I supposed to do ??? He was already in my PC.
So I furnished my Credit-Card info and unfortunately had a doc's appointment in 15-minutes. Told him that and he said not to worry he'll have my PC fixed when I return.
When I returned after a few more minutes, I was able to access the Web.
The company's Name is: GTS TECH SOLUTIONS
Has anyone else been screwed like this ??? Under my circumstances... how would you have responded ?
TIA... Doug1959
Chosen solution
You fell victim to a very common scam. IMMEDIATELY call your financial institution, explain what happened. They will have heard of this before, and will cancel the transaction and provide you a new card number.
I suggest immediately unplugging your computer and taking it to a reputable, local computer repair shop, who will be able to scan it for viruses and malware that were placed on the computer by this group.
How this scam works is a very simple virus is placed on your computer (usually through a software download from a suspicious location), which after a certain amount of time, pops up the message you saw. You could have just removed that virus, and been all good to go (there was no software on your computer that needed to be renewed) , but instead, by calling them and providing your information, you've given them the real prize, your credit card information.
Read this answer in context 👍 1All Replies (8)
Chosen Solution
You fell victim to a very common scam. IMMEDIATELY call your financial institution, explain what happened. They will have heard of this before, and will cancel the transaction and provide you a new card number.
I suggest immediately unplugging your computer and taking it to a reputable, local computer repair shop, who will be able to scan it for viruses and malware that were placed on the computer by this group.
How this scam works is a very simple virus is placed on your computer (usually through a software download from a suspicious location), which after a certain amount of time, pops up the message you saw. You could have just removed that virus, and been all good to go (there was no software on your computer that needed to be renewed) , but instead, by calling them and providing your information, you've given them the real prize, your credit card information.
Do you have the Firefox icon on your quick launch? Right click on it, and select Open New Window. Sometimes this works. If it opens, close it by Menu > File > Exit.
If it's the fake FBI/Interpol browser lock page, This add-on can stop such pages; disallow Script Button {web link} The Disallow Script button looks like a letter "M" and the title is the Minus Script, drag and drop the button on a toolbar. If the button is not displayed then nothing operates, except rules for plugins.
Re: "Do you have the Firefox icon on your quick launch? Right click on it, and select Open New Window. Sometimes this works. If it opens, close it by Menu > File > Exit."
Since I paid the ransomware I'm able to access the internet. Also got the charge reversed and new CC issued.
I'm not sure what "quick launch" is. I have Firefox's icon on the bottom of my screen (left of systray) I experimented and Right clicked it, and was able to select Open New Window.
That's the way to do it. Ransom-ware, as well as the lock pages, change the browser to always open to the trap page. But if you close the browser, then open it to a NEW WINDOW, the trap is bypassed. By closing the browser now, the trap is gone.
The add-on I posted can also shut down the running script on these pages.
Note that the "ransomware" is still on your computer, you NEED to have it removed, as it is still infecting your computer, possibly stealing passwords and private data or sending out spam e-mails.
FredMcD:
Thanks for your response but.. I'm not a technician by any stretch of imagination. Thus... what you just posted went far above my comprehension level.
Doug1959
Regarding: Note that the "ransomware" is still on your computer, you NEED to have it removed, as it is still infecting your computer, possibly stealing passwords and private data or sending out spam e-mails.
Good Point !!! I'll use my laptop until my desk-top issue is resolved !!!
Further information can be found in the Troubleshoot Firefox issues caused by malware article.
Run most or all of the listed malware scanners. Each works differently. If one program misses something, another may pick it up.