• Sign in to Neowin Faster!

    Create an account on Neowin to contribute and support the site.

Sign in to follow this  

Threatening attempt to gain access issue

Recommended Posts

Bruinator    46

I use chrome as my browser and i just received the following:

 

image.thumb.png.2864aaacc2ca032b0e21b54d8ad88b0e.png

 

What should I do about this plz?

 

thx

Share this post


Link to post
Share on other sites
Brandon H    3,671

it's fake. likely a page with a redirect ad. you should be able to just close it and be fine

 

If you're worried though I'd recommend you scan your computer with Malwarebytes and Kaspersky Rescue Disc on a USB. I recommend the rescue disc because booting into an environment to scan ensures the scanner isn't compromised causing it to ignore the infected files and/or be unable to delete them.

  • Like 3

Share this post


Link to post
Share on other sites
Bruinator    46
2 minutes ago, Brandon H said:

it's fake. likely a page with a redirect ad. you should be able to just close it and be fine

 

If you're worried though I'd recommend you scan your computer with Malwarebytes and Kaspersky Rescue Disc on a USB. I recommend the rescue disc because booting into an environment to scan ensures the scanner isn't compromised causing it to ignore the infected files and/or be unable to delete them.

As always, TYVM Brandon. I appreciate your help.

Share this post


Link to post
Share on other sites
Bruinator    46

I just added skip redirect ext so it wont happen again.  :)

Share this post


Link to post
Share on other sites
cork1958    1,960

Hmm, I tried going to that page in Waterfox and it doesn't even display anything. Just a blank white page. No indication ublock origin is blocking anything or Privacy Badger or any alerts from Windows Defender. Must be my host file blocking it possibly.

  • Thanks 1

Share this post


Link to post
Share on other sites
Brandon H    3,671
1 minute ago, cork1958 said:

Hmm, I tried going to that page in Waterfox and it doesn't even display anything. Just a blank white page. No indication ublock origin is blocking anything or Privacy Badger or any alerts from Windows Defender. Must be my host file blocking it possibly.

most of the time those malicious redirects are smart enough to randomly generate the URL every time and expire after a few min; so could be that too

  • Like 1
  • Thanks 1

Share this post


Link to post
Share on other sites
shockz    7,420

Your browser got redirected. Probably from a shady ad, but you'd be safe to run a malwarebytes scan just to make sure you don't have any ad/malware installed.

 

The fact that you gave ublock installed would concern me about malware, usually it blocks all this stuff. 

Edited by shockz
  • Thanks 1

Share this post


Link to post
Share on other sites
Brandon H    3,671
8 minutes ago, shockz said:

The fact that you gave ublock installed would concern me about malware, usually it blocks all this stuff. 

true but depends on how new the redirect is. can't update for everything instantly

  • Thanks 1

Share this post


Link to post
Share on other sites
shockz    7,420
4 minutes ago, Brandon H said:

true but depends on how new the redirect is. can't update for everything instantly

I get a white screen when hitting that domain, running pihole. I'm sure it's on their list. He needs to run a scan if he's got ublock installed and seeing that.

  • Thanks 1

Share this post


Link to post
Share on other sites
+BudMan    3,694

833 number - yeah that is SCAM!! For sure...

https://www.lifewire.com/what-is-the-area-code-833-scam-4774826

 

But if you have some FREE time and want to F with someone - could be fun ;)

 

Record the call and post it ;)

  • Like 1
  • Thanks 1
  • Haha 1

Share this post


Link to post
Share on other sites
cork1958    1,960
1 hour ago, shockz said:

Your browser got redirected. Probably from a shady ad, but you'd be safe to run a malwarebytes scan just to make sure you don't have any ad/malware installed.

 

The fact that you gave ublock installed would concern me about malware, usually it blocks all this stuff. 

Didn't even notice OP had ublock origin installed! Definitely time for a quick scan then.

  • Thanks 1

Share this post


Link to post
Share on other sites
Nick H.    10,486
53 minutes ago, BudMan said:

833 number - yeah that is SCAM!! For sure...

https://www.lifewire.com/what-is-the-area-code-833-scam-4774826

 

But if you have some FREE time and want to F with someone - could be fun ;)

 

Record the call and post it ;)

When I was unemployed this is how I passed the time. I didn't actively seek out the scammers, they would randomly phone the house. "Hello sir, I'm phoning from Microsoft and we would like to inform you that your computer is sending viruses."

"Goodness, really? That sounds terrible. What can I do?"

I was running Linux and I (was) an unemployed technician. I had them going for ages. It became a personal challenge to see how much of their time I could waste. :laugh:

  • Like 1
  • Thanks 1
  • Haha 4

Share this post


Link to post
Share on other sites
cork1958    1,960
3 minutes ago, Nick H. said:

When I was unemployed this is how I passed the time. I didn't actively seek out the scammers, they would randomly phone the house. "Hello sir, I'm phoning from Microsoft and we would like to inform you that your computer is sending viruses."

"Goodness, really? That sounds terrible. What can I do?"

I was running Linux and I (was) an unemployed technician. I had them going for ages. It became a personal challenge to see how much of their time I could waste. :laugh:

Ya, I really like those calls also. :)

  • Thanks 1

Share this post


Link to post
Share on other sites
cork1958    1,960
1 hour ago, Brandon H said:

most of the time those malicious redirects are smart enough to randomly generate the URL every time and expire after a few min; so could be that too

Didn't try going to the full address that was in OP's image but just the main page/domain.

https://sensakesbusin.info nothing but a white page

  • Thanks 1

Share this post


Link to post
Share on other sites
Bruinator    46

Just got this now: WTF. Time to run Kaspersky rescue disk.

 

image.thumb.png.5f90b9e90a9e40ed161fda155dda315d.png

Share this post


Link to post
Share on other sites
+warwagon    13,752

I would also recommend you check your chrome extention list and make sure some dodgy ones didn't get installed. I see that happening ALL the time. Some extensions don't even try to hide the fact they are a peice of crap, calling themselves things like "PDF Promotion's".

 

Other pieces of crap extensions are called things like "Search Encrypt" or "Map finder", "*Insert name* Finder". The average user usually gets those ###### extensions installed by trying to find an obituary or a manual on the internet. I'm not sure how they manage to get an extention installed but they do. One person I helped had 11 ###### extensions installed. As you can imagine they were getting redirected all over the place.

  • Like 2
  • Thanks 1

Share this post


Link to post
Share on other sites
Bruinator    46

Nothing found with kaspersky R.D. I have installed zemana antimalware so I hope this will prevent these things.  Thx

Share this post


Link to post
Share on other sites
Jim K    15,037

If you're not infected with something ... then stop visiting whatever sketchy website you're visiting.  It could be defeating your ublock.

 

What is this stuff circled?

 

image.png.thumb.jpg.acac96caf950086eb58e87257b0058c6.jpg

 

You can run this in the Chrome browser:

chrome://settings/cleanup

 

...and it will (or try) ...

Quote

Remove unwanted ads, pop-ups & malware

If you're seeing some of these problems with Chrome, you might have unwanted software or malware installed on your computer:

  • Pop-up ads and new tabs that won't go away
  • Your Chrome homepage or search engine keeps changing without your permission
  • Unwanted Chrome extensions or toolbars keep coming back
  • Your browsing is hijacked, and redirects to unfamiliar pages or ads
  • Alerts about a virus or an infected device

I believe ESET created the tool.  It does take a little bit to run and it doesn't have a progress bar ... so enjoy watching the circle for a while.  

  • Like 1
  • Thanks 1

Share this post


Link to post
Share on other sites
Bruinator    46
2 hours ago, Jim K said:

If you're not infected with something ... then stop visiting whatever sketchy website you're visiting.  It could be defeating your ublock.

 

What is this stuff circled?

 

image.png.thumb.jpg.acac96caf950086eb58e87257b0058c6.jpg

 

You can run this in the Chrome browser:

chrome://settings/cleanup

 

...and it will (or try) ...

I believe ESET created the tool.  It does take a little bit to run and it doesn't have a progress bar ... so enjoy watching the circle for a while.  

Circled are Lastpass and tab wrangler extensions and the bottom is forecast fox extension. All legit.

Share this post


Link to post
Share on other sites
yuanyasmine    1

It's fake. If this happens the fix to avoid that page when you restart Chrome is to disconnect from the Internet then load Chrome, type in something like google.com in the address bar, let it error out then close Chrome. Reconnect your Internet and open Chrome seems to clear that up.

But as to the initial scam popup you can't get rid of it appears Google is going to have to fix that to avoid the workaround I'm using.

  • Thanks 1

Share this post


Link to post
Share on other sites
+BudMan    3,694

Here you go - this will be very interesting to you about these sorts of scams

https://www.bbc.com/news/technology-51740214

Scam call centre owner in custody after BBC investigation

 

Panorama broadcast hacked footage from inside the call centre which showed how staff charged people hundreds of pounds to fix non-existent computer problems.

  • Like 3

Share this post


Link to post
Share on other sites
Barney T.    2,408

Snipped actual scamming website URL.

Share this post


Link to post
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.