X
Tap here to go to the mobile version of the site.
IMPORTANT ANNOUNCEMENT: We’re going through some system changes, that may have slowed responses to your questions. If you had asked a question in the last couple of months, please re-post it and the community will help you as soon as we can. If you’ve registered after February 7th, please register again, the accounts on the previous site were not migrated to this temporary site. If you joined us before February 7, please reset your password if you have trouble logging into this temporary site.

Support Forum

I clicked on a link and got the 1-844-599-5636 warning that something was infecting my computer. What do I do..I do not want hackers getting my information.

Posted

I got a warning ..obviously a scam...telling me my computer had been infected and I was to call a number to help get rid of the virus. The phone number is 1-844-599-5636. What do I do now to make sure the bad guys do not have my banking information etc. Thank you for any assistance you can give. I am on a macintosh computer but was using Firefox.

I got a warning ..obviously a scam...telling me my computer had been infected and I was to call a number to help get rid of the virus. The phone number is 1-844-599-5636. What do I do now to make sure the bad guys do not have my banking information etc. Thank you for any assistance you can give. I am on a macintosh computer but was using Firefox.

Chosen solution

A browser only displays what a website sends. There should not be a breach. Running the scanners will make sure there are no surprises left behind.

Read this answer in context 1
Quote

Additional System Details

Application

  • User Agent: Mozilla/5.0 (iPad; CPU OS 7_0_4 like Mac OS X) AppleWebKit/537.51.1 (KHTML, like Gecko) Version/7.0 Mobile/11B554a Safari/9537.53

More Information

jscher2000
  • Top 10 Contributor
5933 solutions 48736 answers

Those scam pages don't provide accurate information about what's happening on your computer. If you want to check, you can try this free program: https://www.malwarebytes.org/antimalware/mac/

There are at least two different styles of these pages:

(1) The alert messages

If what you got was like a page someone linked to the other day (see attached screenshot), when you "OK" the first alert dialog off the screen, it appears again. It should have a checkbox indicating that you do not want Firefox to show any more alerts for that page. Checking that and clicking OK should allow you to avoid further torment (other than from the annoying recorded voice) and close the tab normally.

(That checkbox was added in direct response to attack pages popular a few years ago.)

(2) The reloading sign-in dialog

This one says you need to call to get a code and every time you close the login dialog the page immediately reloads and redisplays the dialog to make you think there's no way out. Pressing the Esc key numerous times quickly will cancel the reload cycle so you can close the tab. (Verified on Windows, not sure on Mac.)

(3) The next dirty trick

To be determined! There's always something new sooner or later.


Some other general things to think about:

(1) In search engine results, beware of the ads. Often the first item or three on the page is a paid ad that is just bait for this kind of scam. Look for an icon or background color or other indication of ads vs. native results.

(2) Consider using an ad blocker to cut down on diversions on popular sites. For example: https://addons.mozilla.org/firefox/addon/ublock-origin/

(3) You can change how Firefox starts up after you force quit to avoid getting a scam page again: instead of Firefox automatically reloading all the tabs, you can set it to display a list so you can deselect unwanted tabs. Here's how you do that:

(i) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button promising to be careful.

(ii) In the search box above the list, type or paste sess and pause while the list is filtered

(iii) Double-click the browser.sessionstore.max_resumed_crashes preference and change the value from 1 to 0 (that's a zero) and click OK

Please do not change any other sessionstore preferences without researching or asking about them first.

Hope this helps.

Those scam pages don't provide accurate information about what's happening on your computer. If you want to check, you can try this free program: https://www.malwarebytes.org/antimalware/mac/ There are at least two different styles of these pages: (1) The alert messages If what you got was like a page someone linked to the other day (see attached screenshot), when you "OK" the first alert dialog off the screen, it appears again. It should have a checkbox indicating that you do not want Firefox to show any more alerts for that page. Checking that and clicking OK should allow you to avoid further torment (other than from the annoying recorded voice) and close the tab normally. (That checkbox was added in direct response to attack pages popular a few years ago.) (2) The reloading sign-in dialog This one says you need to call to get a code and every time you close the login dialog the page immediately reloads and redisplays the dialog to make you think there's no way out. Pressing the Esc key numerous times quickly will cancel the reload cycle so you can close the tab. (Verified on Windows, not sure on Mac.) (3) The next dirty trick To be determined! There's always something new sooner or later. ---- Some other general things to think about: (1) In search engine results, beware of the ads. Often the first item or three on the page is a paid ad that is just bait for this kind of scam. Look for an icon or background color or other indication of ads vs. native results. (2) Consider using an ad blocker to cut down on diversions on popular sites. For example: https://addons.mozilla.org/firefox/addon/ublock-origin/ (3) You can change how Firefox starts up after you force quit to avoid getting a scam page again: instead of Firefox automatically reloading all the tabs, you can set it to display a list so you can deselect unwanted tabs. Here's how you do that: (i) In a new tab, type or paste '''about:config''' in the address bar and press Enter/Return. Click the button promising to be careful. (ii) In the search box above the list, type or paste '''sess''' and pause while the list is filtered (iii) Double-click the '''browser.sessionstore.max_resumed_crashes''' preference and change the value from 1 to 0 (that's a zero) and click OK ''Please do not change any other sessionstore preferences without researching or asking about them first.'' Hope this helps.
Was this helpful to you?
Quote
FredMcD
  • Top 10 Contributor
2687 solutions 36200 answers

Helpful Reply

. Whenever you get a message / popup like that;

DO NOT USE ANY OF THE PROVIDED LINKS OR ANY PHONE NUMBERS ! !

Such messages are only Spam that could lead you to Fake Support. Not only can they damage or hack your system, they charge you to do so.

You can report such a site at; Google Report Phishing Page {web link} which is the same when done while on site by going to Help > Report Web Forgery

Help us safeguard Mozilla’s trademarks by reporting misuse {web link}


Mac Malware Scanners https://discussions.apple.com/message/29938930#29938930

You can also try https://www.malwarebytes.org/antimalware/mac/index.html

. '''Whenever you get a message / popup like that;''' <u>'''DO NOT USE ANY OF'''</u> <u>'''THE PROVIDED LINKS'''</u> <u>'''OR ANY PHONE NUMBERS ! !'''</u> Such messages are only '''Spam''' that could lead you to '''Fake Support.''' Not only can they damage or hack your system, they charge you to do so. You can report such a site at; '''[http://www.google.com/safebrowsing/report_phish/ Google Report Phishing Page]''' {web link} which is the same when done while on site by going to '''Help > Report Web Forgery''' '''[http://www.mozilla.org/en-US/legal/fraud-report/ Help us safeguard Mozilla’s trademarks by reporting misuse]''' {web link} ---------------- Mac Malware Scanners https://discussions.apple.com/message/29938930#29938930 You can also try https://www.malwarebytes.org/antimalware/mac/index.html
Was this helpful to you? 1
Quote

Question owner

Thank you very much for your answers. jscher2000, my experience was not like either one of the scenarios you presented. There were no dialog boxes, just a page with a warning that my computer had been infected with a virus and that I should call a number etc. for help. (there was this creepy voice speaking the warning). My husband force quit out of Firefox, and it did not come back. FredMcD, thank you...your scenario was closer to what happened. In your answer you indicate this is only spam. Does that mean there was not anything downloaded on my computer, and that I need not be concerned about the hackers getting my information...and identity theft? I did not call any of the numbers. I did run a malware detector software which did not find anything. Thank you again.

Thank you very much for your answers. jscher2000, my experience was not like either one of the scenarios you presented. There were no dialog boxes, just a page with a warning that my computer had been infected with a virus and that I should call a number etc. for help. (there was this creepy voice speaking the warning). My husband force quit out of Firefox, and it did not come back. FredMcD, thank you...your scenario was closer to what happened. In your answer you indicate this is only spam. Does that mean there was not anything downloaded on my computer, and that I need not be concerned about the hackers getting my information...and identity theft? I did not call any of the numbers. I did run a malware detector software which did not find anything. Thank you again.
Was this helpful to you?
Quote
FredMcD
  • Top 10 Contributor
2687 solutions 36200 answers

Sometimes, those type pages Lock themselves into the browser so that even if you close the browser, it comes back when you restart.

This add-on can stop such pages; disallow Script Button {web link} The Disallow Script button looks like a letter "M" and the title is the Minus Script, drag and drop the button on a toolbar. If the button is not displayed then nothing operates, except rules for plugins.


Another way out of the trap is to (force it if needed) Close Firefox. Wait about 20 seconds for Firefox to finish closing. Right click on the Firefox icon and select Open New Window. Sometimes this works. If it opens, close it by Menu > File > Exit. This will flush out that web page from the Session Store.

Sometimes, those type pages Lock themselves into the browser so that even if you close the browser, it comes back when you restart. This add-on can stop such pages; '''[https://addons.mozilla.org/en-US/firefox/addon/disallow-script-button/ disallow Script Button]''' {web link} The Disallow Script button looks like a letter "M" and the title is the Minus Script, drag and drop the button on a toolbar. If the button is not displayed then nothing operates, except rules for plugins. ------- Another way out of the trap is to (force it if needed) '''Close Firefox.''' Wait about 20 seconds for Firefox to finish closing. Right click on the Firefox icon and select '''Open New Window.''' Sometimes this works. If it opens, close it by '''Menu > File > Exit.''' This will flush out that web page from the Session Store.
Was this helpful to you?
Quote
FredMcD
  • Top 10 Contributor
2687 solutions 36200 answers

Hello,

I am glad to hear that your problem has been resolved. If you haven't already, please select the answer that solves the problem. This will help other users with similar problems find the solution more easily.

Thank you for contacting Mozilla Support.

Hello, I am glad to hear that your problem has been resolved. If you haven't already, please select the answer that solves the problem. This will help other users with similar problems find the solution more easily. Thank you for contacting Mozilla Support.
Was this helpful to you?
Quote

Question owner

Hi ...thank you so much for all your time and expertise, but I still need my main question answered. Has my computer been compromised? Is it safe to use...or should I call my bank etc to change my information. I am afraid of identity theft..etc. it seemed, from your first answer, that this is just a scam to get you to call a phone number and pay money..but I need to be sure. Thank you.

Hi ...thank you so much for all your time and expertise, but I still need my main question answered. Has my computer been compromised? Is it safe to use...or should I call my bank etc to change my information. I am afraid of identity theft..etc. it seemed, from your first answer, that this is just a scam to get you to call a phone number and pay money..but I need to be sure. Thank you.
Was this helpful to you?
Quote
FredMcD
  • Top 10 Contributor
2687 solutions 36200 answers

Chosen Solution

A browser only displays what a website sends. There should not be a breach. Running the scanners will make sure there are no surprises left behind.

A browser only displays what a website sends. There should not be a breach. Running the scanners will make sure there are no surprises left behind.
Was this helpful to you? 1
Quote
Ask a question

You must log in to your account to reply to posts. Please start a new question, if you do not have an account yet.