How to Handle Fake Security Warnings

This week I was in a hurry and mistyped the URL for CloudFlare. Usually, that doesn’t result in anything except losing a minute or two. This time, I got an error screen and an audio message that said my computer was infected and to call tech support at a toll-free number. I see these fake alerts more often, which are getting harder to dismiss. That’s another clue these are fake messages.

I should point out that a small group of typo squatters is probably doing these scams. They are trying to benefit from our spelling errors and scare us into buying a solution for a problem that doesn’t exist. While we can’t expect companies to buy every close combo of their domain name, we can learn how to deal with these annoyances. The first rule is to “stay calm and curse on.” OK, the cursing part is optional.

Breaking Down the Scam

Interestingly, after I typed the wrong URL, I was redirected and ended up on a different domain. For example, I mistyped Cloudflare.com but ended up on a domain that wasn’t the misspelled one. I’ve blurred the address line in the screen snap below for safety reasons.

The URL is also interesting as they appended some data that the browser’s header sends to websites. This was probably done to make me think the message was credible. It included location information.

Fake virus warning.
Fake virus warning

If you look at the white pop-up, you’ll see several places where they want you to call a “Microsoft Certified Technician.” I’ve never seen a “blue screen of death” (BSOD) where a TOLL-FREE number was provided. Instead, Microsoft would typically say to contact your system administrator. You can click the image to make it larger.

Interestingly, the message references “Microsoft Certified Technician,” but that doesn’t mean you’re calling Microsoft. At the bottom of the browser is another plea to call Microsoft, although they use the phrase “Help Desk.” Toward the right side, they’ve tried to emulate some more Windows error messages.

Closing the Browser Tab

One nice feature of Google Chrome is you can usually close a specific browser tab even if it’s unresponsive. I’ve been able to use this technique on other scam alerts.

  1. While in Chrome, press your Shift + Esc keys.
  2. Click the Task column to resort the Task Manager list.
  3. Highlight the tab you wish to close. The tabs start with Tab:
  4. Click the End process button.
Chrome task manager
Google Chrome Task Manager

Even though you clicked “End process”, the browser tab remains open. You’ll see the famous “Aw Snap” message if you click the tab. From here, you can close the tab as usual.

Aw snap message
Chrome “Aw Snap” message

Aw snap…it didn’t work

Sometimes the above steps don’t work, and you can’t even bring up Chrome’s Task Manager or maneuver between tabs. The two options are to call these idiots and give them an earful. As much as that would probably make us feel better, I wouldn’t do it unless I called from a phone number that didn’t show up on their console. When you call toll-free numbers, they may be able to pick up your number even if your Caller ID is blocked.

The second option is to close all browser tabs. Sadly, this means you may lose some data. If you’ve got some new site you just found and you’re worried you’ll lose the URL, Chrome History probably has it. You don’t have control of Google Chrome, so you’ll need to shut it down with Windows Task Manager.

  1. Press Ctrl + Shift + Esc

This will bring up Windows Task Manager. Your version may look different. I’m using Windows 10.

Windows 10 Task manager.
Windows Task Manager
  1. Highlight Google Chrome
  2. Click the End task button

Those steps should end the immediate annoyance. The scammer’s tab is gone, but so are all the other open tabs. When you restart Google Chrome, you’ll probably get a message saying, “Restore Pages? Chrome didn’t shut down correctly. Refrain from restoring these tabs, as it will pull up the alert again.

Instead, click the X in the top right corner.

Finding Your Lost Tabs

If you need to find those closed tabs, all is not lost. Based on your settings, Google Chrome probably remembers the site. You only need to press Ctrl+H, which will pull up Google’s History panel. You can look through the recent entries and should be able to see your items.