SOLVED: Fake Virus Alert Technical Support Scam

I accidentally surfed to purolotor.com rather than Purolator.com and was taken to wndow-security.com which redirected to wndow-security.com/win/massage887sx.html which showed a fake (but very real looking Norton alert like the one to the right. The only way for me to keep the popup window from re-opening was to quickly END TASK on all of the IEXPLORE.EXE processes in Task Manager. After a short time, I thought it would be funny to jerk these guys around so I called their toll free number and faked extreme concern over the situation.  In fact, I claimed that I was so shook up that I was having chest pains.  After “taking my meds” and dragging the call out for 20 minutes, I eventually had a heart attack and hung up the phone.  That was fun! So, the questions that remain are what should you look for in a fake alert and what should you do about it. You can tell that it is fake because:

1. shockingly the graphics, text or address you are on is not quite right
   1. In my case the Norton logo was stretched wide just enough for me to notice it was oval and not round
   2. Also, the URL that I had been redirected to was wndow-security.com which is a misspelling of wIndow-security.com
2. I called back 5 times and always had the same pitch:
   1. Press the Windows Key and type iexplore www.support.me or iexplore fastsupport.com both of which had a warning about fake support calls
   2. They did not care about the problem they only wanted to take control of my machine, no doubt so they could install CryptoLocker or some other ransomware.

I asked several times for numbers to call the “tech” back at and I also hung up a few times but each time they would CALL ME BACK WITHIN 1 MINUTE even though I did not give them my number! The numbers below are phone numbers I was given to call:

• 1 844-741-9717
• 1 877-552-9914

and on line I have found many more take support call center numbers like:

• 1 844-277-9869
• 1 888-509-8066
• 1 800 819 5830
• 1 855 888 2809
• 0 800 051 3723
• 866-880-0239
• 0 800-051-3723
• 0 800-112-0034

and the list goes on.  I suppose these dirtbags must change their phone number every few days, just like they likely have the change their websites every few days (because they get shut down).

What remains is what to do about it and below are my suggestions:

1. REPORT THE NUMBER HERE!  Use the COMMENT box below to document both the phone number you called and the website URL you were taken to
2. Report the web site to:
   1. Google HERE
   2. Microsoft HERE
   3. FBI/NW3C Complaint Center HERE
   4. Norton HERE
   5. Trend Micro HERE
3. Call the number and waste their time but be certain NOT do what they say.  Tell them you need to get your meds because of the stress, or that your dad just came in (because you are a 9 year old girl), or that you have to take a minute to close the illegal German porn on the screen because you are embarrassed about it.
4. Report the number to other sites like www.whocalledme.com/PhoneNumber/844-741-9717