Scam Alert: "Your phone has been hacked..."

 

I saw this fake message in a pop-up on my iPhone recently:

"Your phone has been hacked. All your actions on the device are tracked by a hacker. Immediate action is required!" The popup then offers a clickable link to correct the problem.

Alarm bells should go off in your head anytime you see a message like that with a link, not because your phone has actually been hacked, but because it's about to be, but only if you do what the popup says to do and click on that link. The link will prompt you to inadvertently download malware trying to correct a non-existent problem. If there's any doubt in your mind that you may be looking at a scam, always websearch the message first before taking any "immediate action."

What I was doing at the time the message appeared was using Duck Duck Go, a web browser, to go to a legitimate website. The website itself likely had been hacked so that people visiting it with a smartphone would see that message in a popup. Simply closing the browser did not resolve the issue because the popup would reappear as soon as the browser was reopened. The scam popup message also temporarily blocked my ability to take any other action with the browser (e.g. closing the popup message itself, closing the tab it popped up on, opening another tab, or erasing the history); the only option seemed to be clicking the link. To get rid of this popup, I had to turn off and restart the phone, restart Duck Duck Go and then immediately erase the history before the popup could reload. That did work.

There are reports online of apps infected with this message as well; in that case, you should delete the app and wait for a time before reinstalling it. Some phone browsers offer a setting to disable popup messages; Duck Duck Go apparently does not, and some websites requiring a login don't work well legitimately if popups are disabled.

--
"141 could draw faster than he, but Irving was looking for 143..."

messages like that on a

messages like that on a computer can often be cleared simply by running a cleaner and removing temp files.

Whenever I have gotten one of these in the past,

I have closed the window and then deleted all of the history. That seems to take care of it.

--
With God, all things are possible. ——State motto of the Great State of Ohio

Cookies

I had that problem on my Win 10 PC once.

After deleting the Malware, the popups kept appearing in Chrome. Ran the anti-malware/virus software again and nothing found. No unrecognizable programs running in Task Manager.

Deleted all my cookies and the problem went away.

--
Metricman Nuvi 3597 GTM-60 Traffic Receiver Williamsburg, VA

where are the settings found

Lost Anyway wrote:

...
The scam popup message also temporarily blocked my ability to take any other action with the browser (e.g. closing the popup message itself, closing the tab it popped up on, opening another tab, or erasing the history); the only option seemed to be clicking the link. To get rid of this popup, I had to turn off and restart the phone, restart Duck Duck Go and then immediately erase the history before the popup could reload. That did work.
...

On my Android version of DuckDuckGo I can't find any settings at all. Also, I believed that one of it's advantages was that it didn't maintain a history. I realize that you don't have the Android version, so I ask others, where are the settings found?

Text Messages Too

Got a text message on my phone: "Debit of $450 has been made, kindly examine details. https://bit.ly/...."
No thanks, I now keep my debit card locked except when I use the card, and lock it immediately after I use it (and verify that it is locked a few hours later).
Everyone using a smartphone and/or email really should take a training course on phishing. My PayPal account gets "suspended" a couple times a week!!!!
Mark

Fake McAfee

Just today, McAfee (supposedly) sent me an e-mail warning that I had 27 viruses on my laptop! I have not used their software in over a decade.

Doubt "even dollar" sums

baumback wrote:

Got a text message on my phone: "Debit of $450 has been made, kindly examine details. https://bit.ly/...."...
Mark

I'm glad that so many scams have pour English grammer and spelling since there so eazy to spot. Another red flag that I don't see mentioned online, etc. is that the scams state that a charge of $xx was made and they always seem to be exactly a dollar amount with no cents. As much as sale tax can be an annoyance, a true charge made to an account in the US will most likely be $xx.yy, not $xx.00. My "tip of the day." cool

Clearing browser history

minke wrote:
Lost Anyway wrote:

...
The scam popup message also temporarily blocked my ability to take any other action with the browser (e.g. closing the popup message itself, closing the tab it popped up on, opening another tab, or erasing the history); the only option seemed to be clicking the link. To get rid of this popup, I had to turn off and restart the phone, restart Duck Duck Go and then immediately erase the history before the popup could reload. That did work.
...

On my Android version of DuckDuckGo I can't find any settings at all. Also, I believed that one of it's advantages was that it didn't maintain a history. I realize that you don't have the Android version, so I ask others, where are the settings found?

On the Duck Duck Go browser in iOS, there's a flame icon at the bottom. Touching that will "Close Tabs and Clear Data." So I may have misspoken about clearing history, if that isn't kept anyway in Duck Duck Go, but touching that flame icon "clears out the browser cache, any cookies and any trackers, and closes all open tabs," so it's a useful thing to hit for the sake of privacy when you're done viewing all open tabs.

I agree with CraigW that often problems in spelling and grammar are a key tipoff to a scam, but this one had good spelling and grammar. It looked legitimate and was hard to get rid of, so I do think it would ensnare some people using Duck Duck Go, or people using Safari etc. who hadn't opted in browser Settings to block popup windows.

--
"141 could draw faster than he, but Irving was looking for 143..."

Only after the first transaction can you see the flame

Lost Anyway wrote:
minke wrote:
Lost Anyway wrote:

...
The scam popup message also temporarily blocked my ability to take any other action with the browser (e.g. closing the popup message itself, closing the tab it popped up on, opening another tab, or erasing the history); the only option seemed to be clicking the link. To get rid of this popup, I had to turn off and restart the phone, restart Duck Duck Go and then immediately erase the history before the popup could reload. That did work.
...

On my Android version of DuckDuckGo I can't find any settings at all. Also, I believed that one of it's advantages was that it didn't maintain a history. I realize that you don't have the Android version, so I ask others, where are the settings found?

On the Duck Duck Go browser in iOS, there's a flame icon at the bottom. Touching that will "Close Tabs and Clear Data." So I may have misspoken about clearing history, if that isn't kept anyway in Duck Duck Go, but touching that flame icon "clears out the browser cache, any cookies and any trackers, and closes all open tabs," so it's a useful thing to hit for the sake of privacy when you're done viewing all open tabs.

I agree with CraigW that often problems in spelling and grammar are a key tipoff to a scam, but this one had good spelling and grammar. It looked legitimate and was hard to get rid of, so I do think it would ensnare some people using Duck Duck Go, or people using Safari etc. who hadn't opted in browser Settings to block popup windows.

Ahhh. Got it. When you initialize DuckDuckGo you only get the field to key into at the top and the keyboard at the bottom. Only after the first transaction can you see the flame (which in my case (under Android 8) is at the top).

Thanks.