Fake Metropolitan Police warning - AKA The ukash virus

Alee

Well-Known Forumite
Has anyone had the joys of having the ukash virus yet? I was lucky enough to get it earlier.. I actually nearly crapped myself, I thought it was real. Luckily I had my iPod to google it on, or I probably would have paid the £100!
For those who haven't heard of this virus yet, it's basically a popup (that blocks your screen and won't let you do anything) from Metropolitan Police saying they have put a block on your PC for watching child porn, terrorist acts and other illegal stuff. It tries to get you to make a payment of £100 to get it unblocked. :)
 

Alee

Well-Known Forumite
I removed this virus last night using Malwarebytes but then my screen keeps going white. Do you think it could be something to do with the virus.. maybe part of it is still lurking around? :(
 

wmrcomputers

Stafford PC & laptop repair specialist
I deal with this one on a weekly basis at least! Malwarebytes DOES remove it all, but in some cases I've needed to slave the drive up to another machine and run the scan from there.
In some cases it also blocks internet access even if you start in "Safe mode with networking" so you'd need to know how to undo these changes manually if it hit you in that way - but this isn't as common.

It basically suggests that you've either been downloading illegal content or child pornography etc., and requests a £100 fine to "unlock" your PC again. Anyone with common sense would know that the police would be breaking your door down if they traced this kind of activity - and they certainly wouldn't give you a "GET OUT OF JAIL FOR £100" option.

But at first glance, as Alee has said - it looks convincing! To a point where common sense could be blocked out with shock!
 

wmrcomputers

Stafford PC & laptop repair specialist
@Alee - if you haven't already done so, start Windows in "Safe mode with networking" (press F8 repeatedly at switch on to get this option) and once running in safe mode open Malwarebytes... then update it BEFORE running a FULL scan to ensure you are rid of all traces of it. It does sound like it's possibly lurking around still in whole or part. ;) :up:
 

wmrcomputers

Stafford PC & laptop repair specialist
Thinking about it, I suppose this works like many other scams work, whereby people's own common sense is blocked by the use of a false authority. People have been burgled by "uniformed people" because they feel that they are people you can trust. In this case you see a message from the police - with police logos and the mention of Scotland Yard. These people are scammers at their worst, preying on people's trust etc.
 

Gramaisc

Forum O. G.
> Thinking about it, I suppose this works like many other scams work, whereby people's own common sense is blocked by the use of a false authority. People have been burgled by "uniformed people" because they feel that they are people you can trust. In this case you see a message from the police - with police logos and the mention of Scotland Yard. These people are scammers at their worst, preying on people's trust etc.

Scam cops will even nick your car in Shropshire - http://www.bbc.co.uk/news/uk-england-shropshire-17815390 .
 

Alee

Well-Known Forumite
@wmr I rescanned the laptop last night and it seems all clean, also ran ComboFix... still having problems with the screen so I'm thinking maybe there's a loose connection with the screen or something. Will take it apart later and give it all a nice clean, see if I can fix the mouse as well! On a good point though... my desktop PC has started working again! I posted about it on here a while ago, it wouldn't stop rebooting and I figured it was a hardware problem. Seems to be working perfect now... strange! Will probably just end up binnin the laptop and getting summat new :)
 

Lunar Scorpion

Anarchy in the UK
> @Alee - if you haven't already done so, start windows in "Safe mode with networking" (press F8 repeatedly at switch on to get this option) and once running in safe mode open Malwarebytes... then update it BEFORE running a FULL scan to ensure you are rid of all traces of it. It does sound like it's possibly lurking around still in whole or part. ;) :up:

Does it only affect Windows PCs?
 

db

#chaplife
> Does it only affect Windows PCs?

yes, at the moment it is only a windows issue.. it could in theory be "ported" to macs though, seeing as it could use some form of large scale DNS poisoning or other exploit to redirect all HTTP requests to the fake page that may be beyond the remit of OS X security..

to be honest though, you're unlikely to get it regardless, so i wouldn't worry.. as long as you don't click anything stupid, you are safe.. i have been using PCs for over 20 years, and never once had a virus in that time, and i hang out in & download stuff from some very shady corners of the internet :ninja: lol
 

Alee

Well-Known Forumite
I haven't had any kind of antivirus or anything on my laptop for over a year and have never had a virus, this was my first virus and at the time I was actually downloading an antivirus... how ironic is that :D
 

Lunar Scorpion

Anarchy in the UK
> yes, at the moment it is only a windows issue.. it could in theory be "ported" to macs though, seeing as it could use some form of large scale DNS poisoning or other exploit to redirect all HTTP requests to the fake page that may be beyond the remit of OS X security..
>
> to be honest though, you're unlikely to get it regardless, so i wouldn't worry.. as long as you don't click anything stupid, you are safe.. i have been using PCs for over 20 years, and never once had a virus in that time, and i hang out in & download stuff from some very shady corners of the internet :ninja: lol

My current OS is Ubuntu 11.10, so I guess I'm safe then?
 

wmrcomputers

Stafford PC & laptop repair specialist
Most virus vendors target Windows OSes only. People have believed for years that Macs and suchlike are un-virusable... not true. It's just that nobody can be bothered to write a virus for them in my opinion. Admittedly, I also believe that Windows has far too many exploitable security issues making it an easy target. As said time and time again though, most (but not all) people who get viruses usually know the exact kind of websites they're visiting ;)
 

wmrcomputers

Stafford PC & laptop repair specialist
I agree totally with Admin's decision to change the thread title. UKash is indeed a genuine payment system available through Paypoint outlets. It's a way of buying a voucher with cash that some retailers will then accept for online purchases. (My wife gets me to go to Foregate St garage for one at 1am if she can't sleep and fancies trying her luck at bingo)

PS - Now you all know where to find me at 1am-ish most nights!! ;)
 

tek-monkey

wanna see my snake?
There was a similar one when I worked at JC Computers about 5-6 years ago, said you'd illegally downloaded porn and you had to pay to remove the warning. Just want to embarrass you into paying up, especially as a few works laptops were brought in to us. I remember one guy coming in and saying yes he downloads a lot of porn, but never from that site so it must be fake!
 

Toble

Well-Known Forumite
I'm sick of removing that kind of crap from peoples' computers.
I'm tempted now to just do fresh re-installs and let them worry about how they should have backed up their (always vitally important) data.
Sadly, a Win XP -> SP3 -> download and install all drivers on your average Dell laptop (why is it ALWAYS Dell?) takes the best part of an afternoon.
 

wmrcomputers

Stafford PC & laptop repair specialist
> I'm sick of removing that kind of crap from peoples' computers.
> I'm tempted now to just do fresh re-installs and let them worry about how they should have backed up their (always vitally important) data.

I'll remove them whenever possible, but sometimes a re-install is the best (and cleanest) way of doing it. As you say, a full install with drivers and updates can indeed take the best part of an afternoon, and then some of my customers have 100GB of data which they want to keep - hence why I've now started to charge data recovery as an additional job (previously I was charging £25 and could spend 8 hours on one machine because of the amount of data).

I also had a regular customer who surfed porn on his main business machine with all of his accounts on (is administration really THAT boring?) and used to have to call me out on a regular basis to recover his data from beneath the barrier of porn viruses. He couldn't be bothered to back up his data and learned the hard way one day when his hard drive died completely. When you say you are unable to recover a thing they just look at you as if you should be a miracle worker!

I've upset a few customers now by making an additional charge for data recovery, but PC World currently charge £79 for this alone. I've started to realise that I was wasting several additional hours for no extra cost in some cases, and people's data is priceless! If they are so careless as to not back anything up then why should technicians like us spend our time trying to recover it unless it is worth our time and effort?

/rant
;)
 

tek-monkey

wanna see my snake?
Agree entirely, no matter how many times we'd advise backups people still wouldn't bother - then look at you like you are a criminal when you ask for payment for the 5 hours you just spent trying to recover their baby photos.
 