With real screen｜Microsoft warns me that I have a virus!????

There is a well-known image material site that I always use, and this morning, when I was using the site, something happened…!

Normally I would be careful, but I’ve been using this site for years, so I clicked on it without thinking about it…

Suddenly, the screen changed to a screen that said something about a virus infection, and an intense warning sound started. (@_@;;;)

Well, this is a common scam pattern, but… when it actually happens to you, you are still very nervous (sweat).

To sum up, it was still a scam screen, and I ignored it and did not suffer any damage.

I ignored it and did not suffer any damage. However, it is a good opportunity to look back on the situation and summarize what I did, what I should do, what I should not do, etc.

What was the situation and what was the screen like?

As I mentioned earlier, I have been using a major free image material site for about 10 years now. I went to download an illustration there and proceeded as usual…

I was just above the download button when I saw an unfamiliar display.
I’m sorry, I don’t remember exactly what it said.

But I think it was natural, because I was (or thought I was) very careful about such things and quickly pressed the button.

At that moment…

Then, after a couple of seconds, I heard a raspy warning sound from the speakers and a female voice announcing that I had been infected with a virus.

The screen from that time was left behind, so I am posting it here. Here it is.

Here is a close-up of the center part of the screen. Please enlarge the image as necessary.

Let me write out the text part.

By the way, as you can see in the whole image, the darkened background is a screen from Microsoft’s English website.
It says “Contact Microsofe Support” and I think this is probably copied from the real US Microsoft site.

Next, I also got this screen. A very simple black background with a blue obi,

Call Microsoft Security Center: (tax free) (050)-5532-2384. Hmm? Tax free? (LOL).

The URL for this screen was displayed in the lower left corner of the black screen.
It seems to be a strange URL…

I will mention it later, but there are many things that seem strange from these images.

This is not a quiz, but if you notice anything, please make a note of it. We’ll check the answers later.

What not to do

First of all, you should know that 99.99% of these “your computer is infected with a virus”, “please call Microsoft support at 050-XXX-XXX”, or “a warning tone will sound” are scams. (I can’t be 100% sure, but I’d say virtually 100%.)

Never call them!

If you call, they will probably say something like, “I’m a Microsoft support representative,” which will make you even more anxious and tell you to pay because you need support.

I can’t tell you because I was unintentionally dreading that moment myself (sweat), but if something scary is written on the screen, or a loud warning sound comes up or a human voice says it’s dangerous, it may make you more anxious, but don’t worry. Ignore it!

Calm down and first of all, turn off the power once and reboot.

When you reboot, you may end up not exiting correctly and you may see something like, “Do you want to restore?” may appear. In that case, choose “No” (do not restore).

If you choose “Yes,” the same warning screen will appear again and you will not be able to operate your computer.

And you should also “Clear History” when you start up your browser.

What I did

1 I immediately turned off my computer.

I use an Apple iMac (desktop) and there is a power button on the back of the screen. I physically turned it off by pressing that button.

If I had used a MacAir (notebook), I would not have been able to turn off the computer that way.

I am not familiar with Windows,

I am not familiar with Windows, but it seems that you can safely turn off the computer by pressing “Ctrl”, “Alt”, and “Delete” keys at the same time to start the task manager
→ End Task.

I think you should also check your own computer to see what you do when you want to turn off the power immediately.

2 Rebooting.

If the computer really had been hit by a virus, it might not restart or an error might occur during the restart process, but there was nothing special about that and it started up normally, so I was relieved for a moment.

3 I immediately checked for viruses with security software.

I have Virus Barrier software installed, so I did a quick check. I also checked for viruses with another software called CleanMyMac.

Both of them were perfectly fine, so I concluded that it was a false warning.

I’m sure it was just a scare tactic and there is absolutely nothing wrong with it, but just to be safe, I strongly recommend that you check for viruses once with your security software after rebooting.

4 I tried to reproduce the problem on the same site.

I then went into the same material site and tried to reproduce the same problem by proceeding in the same way as before.
However… I tried exactly the same thing, but could not reproduce the problem.

I wondered at what timing it would be displayed. I was bewildered. (^^;

What I found strange from these screens

There are various strange things in some of the images I have posted, but how many suspicious points did you find in these screens? ( ^-^) (^-^ )

(^-^); I’ll try again to find and write down what I think is “strange” from these screens (^-^) I’ll try to find and write down what I think is “strange” from these screens again (lol).

1 I use a Mac, so why Microsoft?

As I mentioned, I am using an Apple iMac.
If this was a warning from Apple, I would have taken it more seriously.
But I’m thinking, “Why Microsoft support?” Why Windows Security?” I think.

Of course, overall, the majority of people are using Windows PCs. I think it will feel very real to those people.

2 (Tax free)?

It’s in the blue obi, but suddenly (tax free) before the phone number… (laughs) If you wanted to put it in, it would be “toll free” or “toll free” (laughs).

3 It says “toll-free” but isn’t (050) charged?

050 is used for calls using an Internet connection, which in itself is not strange.

However, it costs about 10 yen per 18 seconds to call 050 from a landline, so it is not a toll-free number.

050 itself is not strange, but it is true that phone numbers with 050 actually cannot be traced back to their origin, so they are often used for scams, etc., resulting in the image that 050 = suspicious.

4 The URL of the page is not a Microsoft domain.

The URL of the displayed page is https://practical-perman.157-230-….
Microsoft’s legitimate support page is
at https://support.microsoft.com/ja-jp/contactus,
Even if it was a related article, microsoft.com should always be in the URL.

5.In the URL, you will see “plesk.page/ and gclid=.”

I am not too familiar with this, but plesk is server management software, and gclid is a variable for advertising-related analysis, so it seems strange that a support page from Microsoft would include these things.

In the first place, I don’t think it is possible to include a phone number in the URL or a long string of alphabetical characters such as EAlalQobChMIzv… in an official page.

Finally, I looked up｜050-5532-2384 on the Internet.

I looked up [050-5532-2384] on sites such as “Phone Number Search” and “Phone Number Search @ Junk Call Check.
However, I could not find anything definite.

However, I did find out that this number has been reported as a nuisance call by several people, and there were warning articles and comments on the Internet from several people about the kind of “virus infection” that I experienced, in which the person “tells you you are infected with a virus and makes you call them.

The basic rule of thumb is to not click on any suspicious buttons or images, but if you do press one and get a strange warning, don’t panic. Do not take any action such as calling them.

Also, I don’t think there is anyone who doesn’t use any security software, but that’s a no-no.

It doesn’t matter which company you use, but it is important to have security software installed and constantly monitored.