New “Tech Support” Scam Can Lock You Out Of Your Computer According To Security Experts

There’s new computer security threat and just like other it’s serious only this time this may be a little more serious.This comes in form of “tech support lockers” and is more sophistaticated than the browser locks. It report according to security consultant Graham Cluley who posted his findings on his website. Browser locks work as  “essentially a piece of malware that starts automatically, and typical Alt+F4 or Windows key tricks will not get rid of it.”

You’re locked and then you are redirected to a screen similar to what you see above

“These lockers start when a user clicks on a fake PC optimizer or bogus Adobe Flash update.

One such sample detected by security researcher @TheWack0lian installs without any fanfare and waits until the user restarts their computer. At that time, it will take on the guise of a fake Windows update screen:

The scam will then load up another screen warning the user that they cannot access their computer due to an expired license key.

Windows Update cannot continue as your Software copy is Expired/Corrupt. Please enter a Valid Product key to continue.”

This screen locks a user out of their computer.”

The research explains further the aim is to ultimately try and  connect you some tech support guy somewhere who eventually asks you to give them Teamviewer access so they could uninstall whatever malicious software they probably installed in the first place.

The best way to protect yourself online is to not click on links and attachments you don’t trust or can’t verify because it all begins with a simple browser pop up or optimisation ad you and then the moment you click it, it takes you to a whole new unwanted page.

According to the report, holding  Ctrl+Shift and press the “S” key could disable the locker but not grant the victim access to their computers eventually and in some cases, entering three hardcoded values for the “product key”: “h7c9-7c67-jb” or “g6r-qrp6-h2” or “yt-mq-6w” has worked in some cases.

A new type of technical support scam is mimicking ransomware and locking users out of their computers.

Fortunately, there’s hope for users.

TheWack0lian notes that users can hold Ctrl+Shift and press the “S” key. Doing so will disable the locker but will not restore access to the computer.

In some instances, however, users can enter in one of three hardcoded values for the “product key”: “h7c9-7c67-jb” or “g6r-qrp6-h2” or “yt-mq-6w”. Those values might not work in every infection, but they have worked some of the time. A constantly updated and trusted antivirus software is encouraged as this could further help protect you online.

It’s not uncommon to see hackers use methods as friendly as text messages to gain access to mobile devices but the fact remains that it’s difficult for such malware to infect your devices without you triggering a process either by responding to an email or simply clicking a link.

As a last resort though, you might have to just follow the process which someone else has proffered;

Shut off computer

Remove system hard drive

Install different hard drive

Turn on computer and install operating system.

Turn off PC install original hard drive.

Turn on PC and set Bios to boot with non infected HD.

Transfer any needed files from old hard drive.
Wipe infected hard drive.
 

Disclaimer: Consult an expert before you carry out the above processes.

Image Source: Graham Cluley website