Microsoft Support Scam

Scam Number: 1-888-669-6762
Additional information about this scam: Just got hit with a fake full screen popup claiming my computer was infected. This number seems new; couldn’t find previous results in Google.
Wanted to post this quickly. Will provide more details after I dig into it.

To Fix:
Press F11 to get your browser back (might be Function [Fn] + F11 on your computer).

Be safe friends.

Update:
First, thanks to @OfclyGoodenough for the number rundown and a quick call.

See my updated screenshot above. This one has the full URL:
https://freshgreenscapes.com/?gad_source=5&gclid=Cj0KCQiAsOq6BhDuARIsAGQ4-zheK1DnfiKTtu2fwp3ClaXZIXQt1xTPdF1cWGTu8NZ_2o-H_at5YnQaAsYDEALw_wcB

Other text from the image:

Windows Defender Security Center
App: Ads.financetrack(2).dll
Threat Detected: Trojan Spyware
Access to this PC has been blocked for security reasons.
Contact Windows Support: +1-888-669-6762 (Toll-Free)

The site you will see now appears to be a landscaping business. However, on closer inspection, it is just a shell website with basic page links and cookie functions. The company, address, phone number, people, and landscapes do not exist.

The click that sent us to the page was a banner ad in the middle of an article. This actor took advantage of Google’s Ad system to generate an ad categorized as “landscaping”: a large yellow banner with the word “Continue” on a button (wish I had a screenshot of that). The Google Click Identifier (gclid) parameter no longer takes victims to the full-page video, so this makes it harder to convince domain registrars that the site is malicious.

After this, of course, we locked down Edge to “Strict” mode and turned off more of the intrusive advertising.

  • Domain: freshgreenscapes.com
  • Registrar: NameCheap, Inc.
  • Registered On: 2024-11-18 (< 1 month old)
  • Expires On: 2025-11-18

8886696762 Dina Thursday 12-12-24 3:26PM EST

Carrier: Telcoline
Status: Only accepts calls from mobile lines.
Call Center Location: India
Answers as: “Suppoat” or “Online Microsoft Windows Suppoat Help Desk”
Technician: “Frank”
Remote Access Software: UltraViewer (ID: 81320015/DESKTOP-O5HUH94)


After berating me for “yelling” when I was using my normal speaking voice, the incredibly-deaf “Frank” remotely connected to my virtual machine through UltraViewer under the guise of “activating my securities” and immediately proceeded to run msinfo32, arguing it was done by artificial intelligence to “check the securities”.

  • “Frank” then politely asked for me to run msinfo32, but I politely refused since he already tried to do so without my prior consent. “Frank” told me to throw my virtual machine out the window.