YOUR COMPUTER HAS BEEN BLOCKED is a message that accompanies quite a few tech support scams, as well as some ransomware viruses. Those scams can appear on your PC in a lot of ways, the worst of which is due to a Trojan horse. Most of the scams have websites spreading them, which can lock you out of your browser to a point you cannot interact with it. A small number of scams are even more complex and integrate with your system on a higher level. They lock your desktop screen, holding your computer hostage, as ransomware viruses do. Fortunately, those scams do not encrypt files. Every scam uses one or more phone numbers. You should carefully read this article to see how to remove such types of malware.
|Name||YOUR COMPUTER HAS BEEN BLOCKED "Virus"|
|Type||Tech Support Scam|
|Short Description||A tech support scam stating that your computer is blocked and in some cases actually doing that. The end goal of these scams is to scare you or somehow force you into calling a phone number.|
|Symptoms||The message “Your computer has been blocked” appearing as a pop-up box, notification, error or as a whole page locking your browser or PC screen. You will be given a phone number and you will be lied to by crooks that you have a virus.|
|Distribution Method||Freeware Installers, Suspicious Sites, Redirects, Trojan Horse|
|Detection Tool|| See If Your System Has Been Affected by YOUR COMPUTER HAS BEEN BLOCKED "Virus" |
Malware Removal Tool
|User Experience||Join Our Forum to Discuss YOUR COMPUTER HAS BEEN BLOCKED "Virus".|
YOUR COMPUTER HAS BEEN BLOCKED – “Virus” — Update December 2018
A recent hybrid attack campaign carrying the “YOUR COMPUTER HAS BEEN BLOCKED” – “virus” threat has been identified. The attacks are done by spawning pop-ups on malicious sites that the users get redirected to. Common tactics include the creation of phishing pages or ones with domain names that may appear as legitimate login pages. This is the case with the newest release of the attack campaign that poses as a page belonging to “Microsoft Official Support”. It will spawn pop-up messages with the intent to trick the users into falling for the fake tech support scam.
The following phone numbers has been found to be associated with it: : +1-855-534-8622 and 888-340-8444.
YOUR COMPUTER HAS BEEN BLOCKED – Update July 2017
In July 2017, the scams that use the YOUR COMPUTER HAS BEEN BLOCKED message to scare people have increased. Typically, technical support scams use the message to try and trick you that you have a virus on your computer device. One of the latest trends around is the lie that you have the WannaCry virus, which became popular in the middle of month May, and kept being the theme for a lot of malware since then. New websites representing tech support scams are being created, which spread messages with new telephone numbers for you to call alleged Microsoft technicians, claiming that only they can fix your computer. These website pages are most commonly phishing pages that look like either the front page of the Microsoft official website or Google’s security warning that informs you about malicious domains. Be careful, do not call such numbers for unique support technicians, do not provide personal information and do not believe a browser detecting viruses on your PC unless you check with a security program first.
Update July 2017. Unfortunately, these tech support scams continue to spread in the wild, infecting users via various methods. As you will read later in the article, most tech support scammers rely on companies such as Microsoft to make their attempts more successful. The Microsoft approach definitely works at high rates as users tend to call the provided numbers once they see they should contact Microsoft Tech Support for assistance. Please remember that Microsoft doesn’t own a tech support line. This should be a clear indication of your system being invaded. One of the most recent reports by a victim clearly shows that users are easily tricked by the displayed message claiming their computer has been blocked. Remember that calling unsolicited numbers provided in such dubious ways is never a good idea.
YOUR COMPUTER HAS BEEN BLOCKED – Spread
This tech support scam has many variations. That’s why the YOUR COMPUTER HAS BEEN BLOCKED message can be displayed on your computer due to different spread methods. A common way for it to appear is when you are surfing the Web. When you visit websites which are suspicious and of unknown origin, they can spread the scam via redirect links or advertisements. Clicking on the ads or redirects is not always necessary as any interaction with the site might trigger them. Sometimes, just by leaving a website open can drop malicious files on your computer which load other sites supporting the scam. Phishing websites can make the message of the scam appear, too. It is easy to land on such sites because of a single spelling mistake in a URL.
The worst case scenario that can happen to show you the YOUR COMPUTER HAS BEEN BLOCKED message is if you have a Trojan horse present in your system. The Trojan horse may have installed itself using some of the spread methods mentioned above. In other cases, you may have installed it, without realizing that. You may have thought that you are installing an application which is useful. Many such third-party programs come bundled with other freeware and supposedly useful software. Unfortunately, some can secretly install additive features or even malware. To avoid additional content being put in your PC by such installer setups can be managed if your find Advanced or Custom options in the setup.
YOUR COMPUTER HAS BEEN BLOCKED – Details
YOUR COMPUTER HAS BEEN BLOCKED is a message that can appear on your screen from a tech support scam. The message can appear in a website page, notification, an error or a pop-up message. A phone number is always provided, which is supposed to be a number for contacting support technicians from Microsoft or another reputable company from the security sphere.
In some cases, you can experience your screen or browser being locked or an audio message being played for maximum effect. The file is usually played via the Adobe Flash Player or a similar plugin. The audio message can be applied to lots of such websites, especially if the number is not said in the audio file. The voice of a woman or a man urges you to call the number. You can hear such an example from the audio sample right here:
Many of the websites related to these tech support scams are made to look like the official Microsoft website. See an example of a fake Microsoft site from the below screenshot:
People who work in IT or are tech savvy will all tell you the painful truth, that Microsoft does not have a support call line. Knowing that information and seeing a phone number on a copycat site is a dead giveaway, but not for people who are unaware of that fact. You can easily fall victim to such a scam, especially when you are bombarded with pop-up messages such as YOUR COMPUTER HAS BEEN BLOCKED non-stop. The most common variant of such a scam employs a one-page website with a picture background which is a snapshot of the real Microsoft site as seen in the above image. There are two generic messages written inside the pop-ups:
** YOUR COMPUTER HAS BEEN BLOCKED **
Error # 268D3
Please call us immediately at +1-844-730-8222
Do not ignore this critical alert.
If you close this page, your computer access will be
disabled to prevent further damage to our network.
Your computer has alerted us that it has been infected
with a virus and spyware. The following information is
>Credit Card Details
>Email Account Login
>Photos stored on this computer
You must contact us immediately so that our engineers
can walk you through the removal process over the
phone. Please call us within the next 5 minutes to
prevent your computer from being disabled.
Toll Free: +1-844-730-8222
*Your Windows (Microsoft) Computer has been blocked*
Windows System Alert!!
Call Microsoft At 1-888-243-3533
You have been blocked from accessing the Internet.
Private and financial data is at RISK:
– Your credit card details and banking information
– Your e-mail passwords and other account passwords
– Your Facebook ,skype,AIM,ICQ and other chat logs
– Your private & family photos and other sensitive files
– Your webcam could be accessed remotely by stalkers
It is Required that you call the number above and get your PC inspected before you continue using your internet, especially for Shopping or Banking.
The second message varies a bit and actually states Your Windows (Microsoft) Computer has been blocked. That exact same message can be seen in the third type of this scam, this time being loaded as a notification or an error box directly inside your desktop computer:
The error box is loaded without the requirement of an Internet connection, and it is displayed, because of malicious software, files and registry entries related to the scam are inside your computer. A Trojan horse is not excluded to be managing those files to remain persistent on your machine, so whatever action your try to perform on your PC, the message to be stuck there. That can also lock your desktop screen, and you could be unable to interact with your computer device just like ransomware viruses do.
The locking of your screen may or may not happen depending on the files residing on your machine and the type of tech support scam. That brings us to the fourth and final variant (for now) of the YOUR COMPUTER HAS BEEN BLOCKED message. Here, the website pushing the scam will lock your browser, and the word blocked in the message will be turned into locked. The website will look exactly like a legitimate Google Chrome Warning for a phishing site or malicious activity. You can see an example in the picture below:
The full text on the site says the following:
Your computer has been Locked
Your computer with IP address – has been infected by the Virus RDN/YahLover.worm!055BCCAC9FEC — Because System Activation KEY has expired & Your information (for example, passwords, messages, and credit cards) have been stolen. Call the Technical Support number +1-844-556-7757 to protect your files and identity from further damage.
Call Technical Support Immediately at 1-844-556-7757
The following data will be compromised if you continue:
2. Browser History
3. Credit Card Information
The virus is well known for complete identity and credit card theft. Further action through this computer or any computer in the network will reveal private information and involve serious risks.
With that, the main four variants of the YOUR COMPUTER HAS BEEN BLOCKED technical support scam are exposed.
You can check out one of the most notorious such scams in the articles given down here:
- Computervirusalertsystem.today (1-844-730-8222)
- Error #268D3 (1-855-712-8551)
- Sweep Clean PC Pro (1-888-243-3533)
All phone numbers given in the article are for the purposes of giving real examples, and you shouldn’t dial any of them. If you see another website with phone numbers provided in a similar way, you shouldn’t call them.
The cybercriminals on the other end of the phone line will try to keep you on the line and lie to you. The lies go from how you shouldn’t tamper with your PC except when they instruct you, to how you need to provide personal information. They want your personal data to either sell it on the black market to the highest bidder or to empty your bank account if you provide them with your banking credentials. You can read more about how similar phone scams originating from Indian call centers make millions for the people behind them. Besides the money, bigger problems could follow, such as identity theft for instance.
YOUR COMPUTER HAS BEEN BLOCKED – Update February 2018
There are new landing pages with redirects, pushing the scam, stating that YOUR COMPUTER HAS BEEN BLOCKED. Along with that lie, you will see more redirects that show pop-ups with the text “Error 268D3-XC00037”. What is more, you can see other, similar scams on these redirect pages. The address 1aend.cf/call-microsoft-at-855-381-5333/ or something of the sort is one of the domains pushing the latest variation of the scam. As you can guess, the following telephone number is used by the scammers:
The scam hasn’t changed tremendously, but you will be redirected more than once and your browser will get locked.
YOUR COMPUTER HAS BEEN BLOCKED – Update September 2017
This September, a tech support scam has been discovered, stating that your computer is blocked due to the infamous Zeus virus. It is believed that the scam is a variation of the “YOUR COMPUTER HAS BEEN BLOCKED” scam as it also uses some of its messages to try and trick users. The exact message is “ZEUS VIRUS DETECTED”” and the scam has a few different variants, and each of them has many domains which only have the URL and phone number altered.
YOUR COMPUTER HAS BEEN BLOCKED – Update August 2017
On the first of August, 2017 a ransomware variant with a similar theme has appeared, which pretends to be sent by the Federal Bureau of Investigation (FBI). That ransomware is called the Scotch Tape Locker Ransomware and locks your computer device, while stopping all access to your computer. It demands a ransom and tries to use a scare tactic to make you pay up. However, you should not pay as this is probably removable. Similar variants have been seen in the past, and it is expected for more of them to pop up in the future as well.
This is how that ransom note looks like:
YOUR COMPUTER HAS BEEN BLOCKED – Update July 2017
The scams do not stop with the tech support related ones, but elevate even further into ransomware cryptoviruses. This has happened a couple of years before, with ransomware that claims that a government agency like the CIA has locked or blocked your computer system and you have to pay a fee or you will end up in jail. The same story repeats itself now in 2017 with that kind of ransomware returning and a prime example of that is the Matrix ransomware virus. You can check out the article about it for further details or just see its ransom note below and see how the FBI (Federal Bureau of Investigation) is being used to scare users like you into giving money:
We have also created a video that should help you remove YOUR COMPUTER HAS BEEN BLOCKED virus from your system:
More removal instructions are available below.
YOUR COMPUTER HAS BEEN BLOCKED Removal
To remove the YOUR COMPUTER HAS BEEN BLOCKED tech support scam and its related files manually from your PC, follow the step-by-step removal instructions provided below. If the manual removal guide does not get rid of the scam and its redirects completely, you should search for and remove any leftover items with an advanced anti-malware tool. Software like that will keep your system secure in the future.