ItsGeekToMe.co

Q: I recently did a Google search on a subject — can’t even remember what now, but that’s not important.  As I scrolled through the search results, an alarm sounded and a red screen came up telling me my system was now locked, and to call a Microsoft support number for assistance. I don’t know what else it said, because I got very scared and unplugged my machine right away. What happened, and did I do the right thing?

 – Wendy S.
Bluewater Bay, Florida

A:  First of all, slow down, and take a deep breath, Wendy. Okay, you can stop holding it now. I can tell you with 100% certainty that you did exactly the right thing by refusing to engage with that screen, even if the whole unplugging part was a bit more dramatic than necessary.

You encountered a classic, albeit terrifying, “Tech Support Scam” or “Scareware”.  What happened is actually quite simple, despite how high-tech and “official” it looked. You didn’t do anything wrong while searching; you likely just clicked on a search result that led to a compromised website or an ad network that had been hijacked.

Despite appearances, the “red screen” and the blaring alarm weren’t coming from your computer’s operating system (like Windows or macOS) where one might expect them to originate if the alert were actually real. Rather, they were coming from your web browser. Scammers who perpetrate this kind of trash use a bit of code trickery to force your browser into Full Screen Mode, which hides your taskbar and desktop, giving the appearance that your entire computer is locked or has crashed. They often throw in a loud, looping siren or a robotic voice warning you of “Critical Security Breaches” or rampaging viruses, all designed to do an end-run around your brain’s sound logic and trigger your “fight or flight” response.  Obviously, you chose flight and took your system down rather than obey what the screen said.

So, what was the end goal? To get you to call that phone number on the screen. If you had called, you would have reached a “technician” not at Microsoft, but in some boiler-room call center, probably overseas and out of reach of our country’s law enforcement.  This tech would have tried to convince you to give them remote access to your PC so they could “fix” the non-existent problem.  Oh, and not in the interest of good customer relations, or out of the kindness of their heart, but for a hefty fee – usually a few hundred dollars.

Did you do the right thing?  Yes, absolutely. By cutting the power, you broke the “spell”. While pulling the plug isn’t the healthiest way to shut down a computer (it can occasionally lead to file corruption if the PC was in the middle of writing data), it is infinitely better than calling the scammers.

If something like this happens again, you needn’t reach for the power cord. You can usually defeat these screens by:

• Pressing the “Esc” key: This often exits the full-screen mode so you can see your browser tabs again.
• The “Three-Finger Salute”: Press Ctrl + Shift + Esc (or Ctrl + Alt + Delete) to open the Task Manager. Find your browser (Chrome, Edge, Safari) in the list and click “End Task”.
• The Hard Power Down: If the mouse and keyboard are totally unresponsive, just hold the physical power button on your computer for 10 full seconds until it goes dark.

Since you’ve already powered it back on (I assume, since you’re reading this!), here are some steps to help make sure everything is clean:

• Don’t “Restore Pages”: When you re-open your browser, it might ask if you want to “Restore previously open pages.” Say NO. If you say yes, it will just load the scary red screen again.
• Clear Your Cache: It’s a good idea to clear your browser’s temporary files and history to ensure no “leftovers” from that site are hanging around.
• Run a Scan: For peace of mind, run a full system scan with your built-in antivirus (like Windows Security) or a reputable tool like the free version of Malwarebytes.
• Install an Ad Blocker: Most of these redirects happen through shady advertisements. Using an extension like uBlock Origin can prevent these scripts from ever loading in the first place.

Bottom line: You’re safe, at least from the incident you mentioned.  Your computer is fine, and you’ve earned bragging rights of having graduated from “Scareware Victim” to “Savvy Geek Devotee.”  Welcome to the club!

---

To view additional content, comment on articles, or submit a question of your own, visit my website at ItsGeekToMe.co (not .com!)