All EOS blogs All Spain blogs  Start your own blog Start your own blog 

Things of huge interest to some

PLEASE CHECK OUT Transferwise in INTERESTING LINKS, BOTTOM RIGHT, under latest posts and archive

Scam warning for anybody using Expat Shield
11 June 2012 @ 15:23

I saw this in another forum, be aware please!

This is a Scam warning for anybody using Expat Shield, not that I think it has anything to do with them actually.

This morning I switched on Expat Shield to watch BBC ‘I’ Player, then logged into MCF as I usually do, I didn’t notice that the Shield was still engaged.

All of a sudden the above appeared on the screen purporting to come from the ‘Met’.

It accuses me of illegal activity, such as watching ‘Kiddy porn’ and Rape videos and other disgusting things I don’t even understand (or want to!). It then goes on to accuse me of terroristic (?) activities and says that if I don’t pay GBP100 within 24 hours my computer will be confiscated (don’t ask me how!) and wiped clean.

It also states that I live in the UK. Now apart from one or two grammatical errors it also struck me as hilarious that a hundred quid fine will clear you of terrorist activities or of being a pedophile. They also don’t want you to pay by Debit/Credit card but by UKash or PaysafeCard which I’ve never heard of which are presumably untraceable.

It was impossible to clear and I had visions of trolling down to the PC repair shop on Monday morning. My expensive anti-malwear, anti-virus, anti-everything protection didn’t affect it or get rid of it and after 7 or 8 hours of scratching my head I eventually got rid with Spyware Blaster a free download that I’ve had on the PC for a few months.

Needless to say, Expat Shield is no longer on my laptop...........!

 



 



Like 0      




8 Comments

ElviriaDreamer said:
11 June 2012 @ 15:23

This is an old scam been going a while using various...they enter your sysyem via a legit programme (ie expatshield mine was tune up utilities and the hackers were based in Germany amongst other places). The reason it bypasses your security is because the offenders simply alter the coding of an old exploit and therefore it is not picked up by virus programmes as it will look like a new undiscovered threat. They will also hack sites SSL security certificate and access your pc via you logging into accounts. Now, although you have "cleaned" with Spywareblaster the chances are you may have some random files leftover or codes attatched to other files/pics that you cannot even find or know about. In fact reading back I would say "the programme you have had on your pc for the last few months" is what they have bypassed/exploited. Another is Spybot search and destroy. I NEVER recommend using free programmes for security although many are fantastic...you never know what comes with the download. Another to watch for is a sneaky windows update...another common target that often goes un-noticed as the user just thinks they are "updating their system". If you can find any "porn or filth" on your system take a screenshot of everything, and take it to your local police. Also If you use Facebook try this...turn your security to max, if you can check a box that allows you to scan encrypted connections do so. Then go to log into your account if you get a security warning advising you to disconnect or not enter the site...bingo...it means you are one of the millions that has got a nasty from there too. YOUR PC STILL NEEDS A GOOD CLEAN (reinstall everything if I were you) even if you think you you have got rid of everything (they will lock files with codes). I note the MET comment...there is actually a virus that has affected many (TRUE) and they are advising a visit to an american police site or computers will be useless from July 19th if not removed (not sure if true). These hackers and scammers have targetted my PC since 2008! Good Luck!


MARTIN said:
13 June 2012 @ 01:24

WITH REGARD TO THE CURRENT SCAMS OR SPAMS ABOUT
GETTING YOUR COMPUTER UNLOCKED UNLESS YOU PAY £100
DO NOT ,I REPEAT DO NOT DEPART WITH ANY MONEY EVER,
THESE SCAMS HAVE BLIGHTED ME QUITE OFTEN RECENTLY
WHEREBY MY PROGRAMME SUDDENLY STOPS AND A PAGE
APPEARS SAYING MY COMPUTER HAS BEEN LOCKED BECAUSE
,,,,,,,,, AND SAYS IN ORDER TO GET IT UNLOCKED I NEED TO
PAY X AMOUNT OR THEY GET THE METROPOLITAN POLICE ONTO
ME.
NOW, IN ORDER TO GET RID OF THIS U DO NOT NEED ANY
PROGRAMME INSTALLED AT ALL ,ALL U NEED TO DO IS SWITCH
OFF YOUR PC FOR A FEW SECONDS THEN SWITCH ON TO REBOOT
PRESSING SIMULTANEOUSLY CTRL+F8 KEYS IT WILL THEN ASK
U WHAT U WANT TO DO AND CHOOSE SYSTEM RESTORE .
IT WILL TAKE A FEW MINUTES TO DO BUT THE SPAM PAGE WILL BE
GONE,U WONT LOOSE ANY PROGRAMMES INSTALLED AND U WILL BE
BACK TO NORMAL AGAIN.

GOOD LUCK.



Freddo said:
16 June 2012 @ 10:40

Martin
using System Restore will only take you PC back to a certain date it will not clear the virus off your computer it will still be lurking on your hard drive and you need to use a good antivirus to deep scan for it


Mike said:
16 June 2012 @ 12:09

I suggest using Malwarebytes anti-malware... the free version is great and it's recommended by all the antispam/antimalware forums. I've been using it for years to help clean infected PCs.


james murphy said:
16 June 2012 @ 14:41

You will have much less of a problem if you use a VPN like Witopia or StrongVPN. You do have to pay for them (35GBP/year or so) but they are reliable and secure. Once you have a UK IP address you can watch BBC iPlayer and any other UK catchup service like Channel 4 and ITV. These services are worth paying for.


manxmonkey said:
17 June 2012 @ 16:34

I was hit by a rootkit virus last year which wiped my laptop, in fact it was a pair of virus that worked together making it impossible to clear one as the other one instantly re-acted. Luckily I thought, aha, I backed up to a stand-alone hard drive a couple of months ago. Then I realised the damned virus was on the back up as well so it had been lurking there for ages. It suddenly accelerated in its behaviour of interrupting the running of the laptop and then suddenly, while other people were in my office, started down-loading thousands of pages of internet sites, yes porn but mainly on-line gambling sites - all sites I'd never visited. Unfortunately no-one could get rid of the virus even though I had the top guys at Malwarebytes and Norton all working on it. I just literally had to buy a new laptop then pay someone to check all my individual files which I also held on a number of USB sticks before ensuring they were clean before restoring them to my re-created files! The disruption to my business and the loss of a particular contract cost me several thousand pounds. It's a known fact that police forces could trace these people and in my opinion they should then whip them and rub salt in their wounds before locking them away somewhere nasty but the simple fact is the police and governments don't see it as a problem worth putting any effort into. Wiki-leaks, yes. A legitimate guy selling batteries on the internet, yes, for that they’ll set up a multi-million dollar sting operation to “create a crime” but protecting the masses from this sort of disruption – nah. I lost hundreds of family photos as my only seriously triple backed up files were only regarding the business.
Now regarding paying for an IP address masking system I did this a couple of years ago but it slowed my system up. I chose a London IP address so that I could watch i-Player but it spent all the time caching. Perhaps they've refined it nowadays.



mike said:
21 October 2013 @ 12:26

This can get on your computer from a number of sources and is commonly known as ransomware. Combofix from bleepingcomputer.com is pretty good at removing it totally although occassionally IE needs to be have a system reset (in settings) after Combofix has done its stuff.




Elegant Butler said:
13 January 2014 @ 11:51

I've never had problems or been asked to pay for the older version of ExpatShield I'm using in Firefox. But when I tried using it in Opera to watch Russell Howard on the BBC, a scam attempt was made demanding money. So I don't think it's ExpatShield itself that's making the demand.


Only registered users can comment on this blog post. Please Sign In or Register now.