A friend rang me today. As you can see from the attached screenshot she had a pop up in Firefox warning her of a critical error. The website she’d been taken to had a female voice warning her that her computer was infected and she should phone an 0800 number.
I did a whois search on that long domain name and it was registered today (2oth December 2016) to someone in Delhi. I presume if my friend had rung the number she would have been put through to an Indian scam Microsoft technical support line, who would have tried to take money from her for “fixing” her computer.
It took me a while to work out how to get rid of that pop-up as Firefox wouldn’t close. I opened Task Manager and closed Firefox. When I reopened FF, the pop-up reappeared.
Finally I hit on a solution.
I scanned her computer with Malwarebytes and Superantispyware. Malwarebytes found nothing. Superantispyware, on the other hand, found loads of cookies (Malwarebytes ignore cookies). I deleted all the cookies that Superantispyware found and reopened Firefox.
This time, it gave me a message telling me that it was “embarrassing” that it was having trouble opening the previous tabs. Which mercifully meant that the tab with the pop-up didn’t open.
I have suggested she updates both antispyware apps later today and rescans the computer. But we are hoping that clearing the cookies has cured the problem.