In an email we received from Janet D., she shared her recent unsettling experience. Here’s what she described:

“I received a pop-up that froze my computer and read, ‘Access to this system is blocked for security reasons’ from Windows Defender Security Center. It came with an audio message and siren.”

Janet did what many might do in such a panic-inducing situation: She called the number displayed on her screen. She was instructed to press Ctrl + Shift + Esc, unfreezing her computer, but the instructions didn’t stop there. The scammer directed her to download software from UltraViewer.net, a legitimate remote access tool often exploited by bad actors. Here’s what you should know if you ever encounter a similar scam.

GET SECURITY ALERTS, EXPERT TIPS – SIGN UP FOR KURT’S NEWSLETTER – THE CYBERGUY REPORT HERE

3 red flags to recognize a tech support scam

1) Unsolicited pop-ups claiming to be from Microsoft or other security services: Janet’s story highlights a common scam tactic, which is fake alerts masquerading as official warnings. Microsoft and other legitimate companies do not issue pop-ups with support numbers or direct you to download remote access software.

2) Urgent audio and visual cues: Scammers create a sense of urgency with sirens, flashing messages and warnings of dire consequences to push victims into immediate action without thinking critically.

3) Requests to install remote access software: Scammers often use tools like UltraViewer, TeamViewer or AnyDesk to gain access to victims’ systems. While these tools are legitimate for remote tech support, downloading them at the request of an unknown party is a red flag.

DON’T GET CAUGHT IN THE ‘APPLE ID SUSPENDED’ PHISHING SCAM

Steps to take if you encounter a scam like this

If you come across a scam, it’s important to act quickly and take the following steps to protect yourself and your information.

Don’t engage

If you receive a suspicious pop-up, do not call the number provided or follow any on-screen instructions. Look up any suspicious phone numbers or messages independently. Use Ctrl + Alt + Del to open the Task Manager and close the browser or application displaying the message.

Assess potential damage

Scammers thrive on urgency. Take a moment to assess the situation calmly. Janet asked if the scammers could have taken any information. Here’s what to do. 

• First, look for any unfamiliar software installed after the incident and uninstall it.
• Visit your email, banking and other important accounts to check for unauthorized sign-ins or transactions.
• Use strong antivirus software to conduct a comprehensive scan. The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2024 antivirus protection winners for your Windows, Mac, Android and iOS devices.

Secure your system

If you installed UltraViewer or similar tools, uninstall them immediately. Update passwords for critical accounts, prioritizing your email and banking logins. Consider using a password manager to generate and store complex passwords. Enable two-factor authentication, as this adds a layer of security even if someone obtains your login credentials.

Seek professional help

If you suspect that your computer is still compromised, it might be best to consult with a professional to ensure your system is secure. You may want to reach out to Microsoft Support for additional guidance and to report the incident to help prevent others from falling victim.

YOUR EMAIL DIDN’T EXPIRE, IT’S JUST ANOTHER SNEAKY SCAM

Why Janet didn’t receive a warning from her antivirus software

Janet also mentioned that her antivirus software didn’t flag the scam. Unfortunately, many of these scams rely on social engineering rather than malware to bypass antivirus detection. They exploit human psychology, not just technical vulnerabilities. However, running regular scans can still help detect hidden threats.

IS JUST READING THAT SKETCHY SCAMMER’S EMAIL DANGEROUS OR DO I HAVE TO CLICK ON A LINK TO GET IN TROUBLE?

What do I do if I provided personal information to a scammer?

First, don’t be the slightest bit embarrassed, as it could have happened to genuinely anyone. And the worst thing you can do is stay silent. You can help prevent this from happening to others.

Stop all communication: Cease all contact with the scammer immediately. Do not engage further or respond to any messages or calls from them.

Report the scam: Report the incident to your local law enforcement agency or the cybercrime unit in your country. Provide them with all the information you have about the scammer and the communication you had with them.

Notify your bank and credit card companies: If you shared any financial information, contact your bank and credit card companies right away. Inform them about the potential scam and ask for advice on how to secure your accounts.

Monitor your accounts: Keep a close eye on your bank accounts, credit cards and other financial accounts for any suspicious activity. Report any unauthorized transactions immediately.

Inform credit bureaus: Consider contacting credit reporting agencies to put a fraud alert on your credit report. This can help prevent the scammer from opening new accounts in your name.

Be cautious about future communications: Be vigilant regarding any future communications from unknown sources. Scammers may try to target you again using different tactics.

Use identity theft protection: If a scammer gets a hold of your personal information, you may consider a service that will walk you through every step of the reporting and recovery process. One of the best things you can do to protect yourself from this type of fraud is to subscribe to an identity theft service. One of the best parts of using an identity theft protection service is that it can include identity theft insurance of up to $1 million to cover losses and legal fees and a white-glove fraud resolution team where a U.S.-based case manager helps you recover any losses. Read more of my review of the best identity theft protection services here.

Kurt’s key takeaways

Janet’s experience is a reminder that even the most vigilant among us can fall prey to clever scams designed to exploit fear and urgency. By recognizing red flags like unsolicited pop-ups, high-pressure tactics and requests for remote access, you can protect yourself and your personal information. If you ever encounter a situation like Janet’s, remember to stay calm, verify the legitimacy of any alerts and take the necessary steps to secure your system. Scammers rely on quick reactions, so slow down, stay in control and don’t let them manipulate your next move.

Have you seen any new scams lately that others should know about? Let us know by writing us at Cyberguy.com/Contact.

For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.

Ask Kurt a question or let us know what stories you’d like us to cover.