Lock My PC is not available for public due to frequent misuse by tech support scammers
Developers of Lock My PC, a legitimate application offered to business and regular customers for free, have announced that they will be providing technical support scam victims with recovery keys when locked out of their computers by tech support scammers. The utility is also now removed from public distribution and is only available upon request after contacting FSPRO Labs personally.[1]
Lock My PC, while being legitimately used from protecting Windows machines from unauthorized access, was recently vastly abused by online scammers who also downloaded and employed the application to extort money from victims online. Tech support scams are widely prevalent and mostly focus on various social engineering techniques in order to make users believe that their computer is infected with malware, or that their personal information is being stolen. Those who are less experienced, as well as vulnerable social groups like the elderly, are more likely to suffer from online fraud.
Previously, users were able to download Lock My PC directly from FSPRO’s official website, while currently users are shown the following notification:[2]
Important notice about Lock My PC scam issue
It has come to our attention that some scammers use Lock My PC for illegal activities (e.g. to extort money). The scammers falsely identify themselves as service providers, install Lock My PC on user computers without permissions and lock the computers.
Online fraud scheme: tech support scammers employ legitimate software to defraud users
Over many years now, tech support scammers compile a variety of fake messages, pop-ups, and other fake alerts while imitating Microsoft, Apple, Google, or other legitimate company. Best examples of scams include:
- “Your computer is infected with 3 viruses”
- “Pornographic virus alert from Microsoft”[3]
- “Microsoft has detected suspicious activity”
- “Your Computer Has Been Blocked,” etc.
Crooks often get creative and threaten victims with various consequences, including virus infections, banking credential exposure to cybercriminals, personal file deletion, or even hardware failures. Malicious actors then ask users to call the toll-free number to contact the “certified Microsoft technicians” to remove malware, safeguard personal information and prevent further damage to the computer – or at least that is what they insist. While many such scams can be recognized by various spelling and grammar mistakes, some users might get caught off guard and contact scammers.
Once on the phone, scammers proceed deceiving victims, and ask them to let to connect to the computer remotely with the help of applications like Teamviewer (which was previously blocked by UK’s ISP provider TalkTalk due to scams).[4] Once inside, crooks used Syskey to encrypt Windows OS to prevent users from accessing it unless a fee is paid. Because the program’s support was canceled by Microsoft with the release of build 1709,[5] crooks started looking at alternatives, and Lock My PC was the application that fits their needs.
Lock My PC operates in Safe Mode, making it hard for victims to recover control of their computers
When the computer is locked with Lock My PC, users will see an animated screen that displays a “Locked” message, which, once any button is pressed, also shows the “Unlock Computer” prompt. As evident, the password is only known to malicious actors, and users end up being locked out of their PCs.
What makes matters even worse for victims is that, even after rebooting into Safe Mode, they find that Lock My PC is still running, and, without bootable recovery tools, they are unable to use their computers at all. It is evident, however, that those affected by the scam would not have the technical skills that are required to unlock the machine with the help of recovery software.
Locked out users can now use a recovery password provided by developers. Software still available under certain circumstances
Seeing the great number of reports from victims, and, because the software was used for malicious purposes, FSPRO decided to pull out the utility from public use, including the cybercriminals:
After receiving too many reports of Lock My PC misuse, we decided to make our user access control software unavailable for public. However, the programs are still available for our existing customers on requests. New customers may request Lock My PC business edition only using their corporate email address.
Good news for victims is also that they now can unlock their computers with the help of a code provided by developers. If you are locked out of your computer due to the Lock My PC software, proceed with the following steps:
- Type in “999901111” into the password prompt and do NOT press Enter
- You will see a numeric code provided just below it
- Go to the Lock My PC 4.9 Free Edition Password Recovery page
- Type in the numeric code and you will receive a recovery password
- Enter the retrieved password into the pop-up on your screen and press Enter
- Remove Lock My PC software via Control Panel > Programs and Features section.
This entry was posted on 2020-02-10 at 10:14 and is filed under News, Spam and phishing.