I got a message from Microsoft saying that my computer has been blocked because the Zeus virus was detected. Is this legit and what should I do?
This question was answered on January 12, 2017. Much of the information contained herein may have changed since posting.
The ongoing game by scammers to convince people that their computer is infected has taken some seriously convincing turns in recent months.
One such version of the scam generates what appears to be an official Microsoft message complete with logos and color schemes and a robotic voice saying ‘critical alert’.
Here’s an example pop-up:
** ZEUS VIRUS DETECTED - YOUR COMPUTER HAS BEEN BLOCKED **
Error: Virus - Trojan Backdoor Hijack #365838d7f8a4fa5
IP: 108.XX.XX.XX Browser:Chrome ISP: Mci Communications Services inc. Dba Verizon Business
Please call computer system technician immediately on: 888-XXX-4963
Please do not ignore this safety alert. Your Microsoft System Has Been Compromised. If you close this page before calling us, your computer access will be disabled to prevent further damage and your data from being stolen.
Since this particular scheme attempts to keep you from doing anything else, calling the posted toll-free number to get help seems to be a rational response for those stricken with fear.
We’ve also seen this attempted scam posing as a warning from your Internet service provider (such as Cox or CenturyLink) because the scammers can easily determine who your ISP is.
Understanding some basic red flags will go a long way in helping you avoid this and all of the subsequent attempts to trick you that are certain to come.
Tip #1 – Be suspicious of toll-free numbers
Large technology companies have spent millions to prevent you from calling them for help.
It’s just not economically feasible for companies that have millions of users, or in Microsoft’s case over a billion, to pick up the phone whenever someone needs help.
With this in mind, any time you see any error message pop-up on your computer urging you to call a toll-free number, assume it’s a scam.
Tip #2 – Get to know your security software
Knowing what you have installed to protect you from Internet threats will go a long way toward helping you quickly sniff out scams. Chances are, you have a third-party program installed to protect you, so take some time to understand what it looks like and how it alerts you.
Tip #3 – Real tech companies don’t answer the phone
Anyone who has ever tried calling to speak to a human at any large organization has been met by an automated attendant system.
Call routing systems are necessary because call volumes are very high, so when you call a toll-free number for tech support and a real live human answers, you should always be suspicious (especially if they have a foreign accent).
Tip #4 – Killing the fake message
It may appear that your computer has been locked down, but in most cases you can simply shut down the pop-up to regain control. Windows users can use the Task Manager (Ctrl-Alt-Del to access it) to end the fake task and Mac users can use the Force Quit option to kill the fake session (yes, this Microsoft pop-up can appear on Mac screens as well!).
If all else fails, manually shut down your computer, then restart it and immediately run the security software you know you installed.
About the author
Posted by Ken Colburn of Data Doctors on January 12, 2017