If your computer displays a message while you are browsing the Internet claiming that you have been hacked or infected with a virus, it is a lie by criminals.
Your computer is not infected with anything and you did nothing wrong.
Do not call the 800 number for “tech support.”
You are calling criminals who will lie to you.
I continue to deal almost daily with malicious web popups that display a message claiming that tech support is required to clean a virus or fix a hack. They can appear on Windows PCs or on Macs.
There are a thousand variations of these windows. They may be accompanied by a loud voice exclaiming that the computer is infected, or a siren or other loud noise. Almost always the windows will be difficult to close.
The warnings are phony. Criminals know a security warning will make you upset and panicky. It’s all designed to start your adrenaline flowing so you move quickly without thinking things through or getting advice. Wired Magazine just published an article about a research team that visited tens of thousands of web pages that generate phony warnings and investigated sixty different call centers worldwide running the scam. Why do the criminals do it? They’re making tens of millions of dollars.
If your computer is up to date and you have security software (which is built into Windows 10), then nothing bad has happened to your computer when this warning appears. As long as you don’t call the number or take any more steps to invite the bad guys in, you are still perfectly safe. Close the browser or shut off your computer and you’re done.
It is usually possible to make the phony warnings disappear without shutting off the computer.
Here’s the key point: the phony warning messages are just web pages displayed by your browser. The windows like the one displayed in the above screen shot are designed to fool you. The bad guys hide the usual bars and menus at the top and bottom, but they’re web pages all the same. If you can open Task Manager and kill the Internet browser – Chrome, Firefox, Internet Explorer – that will usually be enough to close the phony warnings and stop the noise.
There are three ways to start Task Manager. Memorize one of them.
1) Hit Shift-Ctrl-Esc.
2) Hit Ctrl-Alt-Del, then click on Task Manager.
3) Right-click on an empty part of the taskbar at the bottom of the screen, then click on Task Manager.
Pro tip: no one memorizes the first one. Shift-Ctrl-Esc? Really? Even I didn’t know that one and I’m obsessed with this stuff.
Windows 10 Task Manager looks like the above screen shot when you first see it. To close a hijacked web browser, highlight the browser – Google Chrome in the above picture – and click on “End task.”
If you click on “More details” in Windows 10 Task Manager, it expands to show additional information about background processes, startup programs, and more. Again, to close a hijacked web browser, highlight the browser and click on “End task.”
That’s it! You’ve had a close encounter with the bad guys. Chances are that’s the end of it. But don’t go back to the last page you were on before the phony warning popped up, and be careful what you click on. Review the Rules For Computer And Online Safety and be careful out there!
Bonus tip: Chrome has its own Task Manager
Google Chrome has a lot of hidden tricks, including its own Task Manager. You can close individual tabs from the Chrome Task Manager, as well as monitoring memory and CPU usage, which everyone knows is a guaranteed conversation starter at parties. At least that’s what I’ve heard. I don’t get invited to parties. Possibly because I have quite a lot of conversation starters like this.
To open the Chrome Task Manager, hit Shift-Esc, or click on the Chrome options button in the upper right / More Tools / Task Manager.
When your browser has been hijacked, you could theoretically close just the offending tab with the Chrome Task Manager. It’s worth a try. But the bad guys are likely to have used tricks that completely tie up the entire Chrome browser and prevent you from opening the Chrome Task Manager. So it goes. Use the Windows Task Manager instead in that case.
Good luck. And remember – don’t call the 800 number!
Awesome post, it’s very interesting to me, it’s very important to know that a hijacked web browser how to close them.
I just read the above article. It is very helpful. I want to share that, in the same way, I tried to close a hijacked web browser and I faced an error. The error was coming at the time of confirming form resubmission. Then I researched a lot to overcome the issue and I finally found a proper solution.
I have heard enough of these cases, as a help desk support victim. The above solutions appear to be something I’m going to consider adding to my tool bag of solutions.
So far my tried and true, if the user situation allows for it, is to perform a user log off of the pc they happened to be a victim at.
As for not calling the 800#, if you have some pent up steam, these are great #’s to torment. They hang up, dial ‘dial me back. Set a weekly quota for yourself. It’s very therapeutic. A cure for all that ails you. Plus for the bonus, calling from a burner type phone is a nice touch.
Is there any way to use task manager (or other method) to close only the tab that has been hijacked? There are other tabs I’d like to use before closing out everything. Thx
Chrome’s task manager (Shift-Esc) will let you close individual tabs. But the hijackers will frequently prevent you from opening the Chrome task manager, so the only option may be to close the browser completely.