Ask Dave Taylor
  • Facebook
  • Instagram
  • Linkedin
  • Pinterest
  • Twitter
  • YouTube
  • Home
  • YouTube Videos
  • Top Categories
  • Subscribe via Email
  • Ask A Question
  • Meet Dave
  • Home
  • Computer & Internet Basics
  • Ransomware paid, now they’re refunding the fee?

Ransomware paid, now they’re refunding the fee?

April 7, 2016 / Dave Taylor / Computer & Internet Basics, PayPal Help, Spam, Scams & Security / 1 Comment

I have been scammed by a computer repair company: I paid them $350 to repair my computer after their number came up on a crash screen.  It did sort of work after they fixed it.  Now they want to refund my money and tell me they created a paypal account for me and put $2,350.00 in it. Oh,my! The fellow mistakenly put too much in the account and now I must go to Walmart and send him the excess amount. What should I do?

Oh boy, you’ve been scammed not once, but twice. The first time was when you had your computer infected with malware that gave you that blue screen. The second time is the refund scam because, of course, there’s no money sitting in any PayPal account and if were sitting there, by the time you went to withdraw it, you’d find the balance had mysterious gone to zero.

The first scam was what’s called “ransomware” and it’s tough to deal with because it typically freezes up or locks up your computer until you pay the criminal money (often via Bitcoin since it’s untraceable) and they send back an unlock code or unlock it remotely. There have been some high-profile ransomware cases recently too, including Hollywood Presbyterian hospital in California.

Here’s a common ransomware screen:

ransomware blue screen

At that point, since you don’t want to encourage or pay criminals, the best thing to do is go into a local PC repair shop (try BestBuy if you don’t have other options) with your computer, your most recent backup, and a few days when you can be without the computer while they eradicate the problem. Often, clearing up ransomware involves reformatting and re-installing the operation system and apps, however, so be prepared and make sure you have good backups!

In terms of the “we overpaid, can you send us the difference”, that’s just a different type of scam that preys on the most gullible. Don’t fall for it. Of course they aren’t going to refund your money and even if they did, why set up a PayPal account? And how the &*($# would they “accidentally” put in so much more than the amount?

Here’s another common ransomware screen, this time with some encryption thrown in:

ransomware asking for bitcoin

The scam works like this: They send you altered paperwork to “prove” you now have $2350 in an account with your name on it. You pay back the over deposit – $2000 – and then they “give you access” to the remainder. Except none of it exists and you’ve now added $2000 to the $350 you originally paid these scammers.

Oh, and you haven’t gotten rid of the malware on your computer that triggered the ransomware in the first place, so expect it to happen again in a few months. That’s why you need to get some help rebuilding your computer at this point, not just trusting that the bad guys who ripped you off are going to remove their malware from your system!

Don’t be a victim, don’t believe anything you get via email, and make sure you have great backups.

Let’s Stay In Touch!

Never miss a single article, review or tutorial here on AskDaveTaylor, sign up for my fun weekly newsletter!
Name: 
Your email address:*
Please enter all required fields
Correct invalid entries
No spam, ever. Promise. Powered by FeedBlitz
Please choose a color:
Starbucks coffee cup I do have a lot to say, and questions of my own for that matter, but first I'd like to say thank you, Dave, for all your helpful information by buying you a cup of coffee!
bitcoin, overpayment scam, paypal scam, ransomware

One comment on “Ransomware paid, now they’re refunding the fee?”

  1. Dave C says:
    June 20, 2016 at 7:35 pm

    Hi

    Actually, those screenshots you’re showing are NOT Ransomware screenshots, both of those are simply Scareware and can be easily defeated without taking your computer in for unnecessary repairs.
    Both of those screens are common when surfing the Internet and therefore, are browser based and they may seem to be difficult to get rid of since none of the browser buttons are visible or working and alt+F4 doesn’t always work (sometimes it does).
    What to do if you get these, or other similar scareware screens – right click the taskbar and click Task Manager. Find your browser instance in the Apps (W10), Running Programs (W7) tab, highlight it and click “end task”, that should do it. If not, stop the browser processes in task manager, then reboot.

    IF these fail, do a hard shutdown (hold the power button), if it’s actually Ransomware, you’ll be presented with the Ransom screen on reboot, but the claim on the first screen “Windows Health is Critical, Do Not Restart” is simply a scare tactic because restarting closes the browser processes and gets rid of the nag screen…which is exactly what the bad guys don’t want you to do of course.

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Search

Recent Posts

  • How Can I Add My Pronouns to my Instagram Account Profile?
  • Possible to Pair Bluetooth Headphones with my Vizio TV?
  • Possible to Schedule a Windows 11 System Update & Restart?
  • How Can I Add Spacers and Divider Lines to my MacOS 12 Dock?
  • How Do I Pair Bluetooth Earbuds with my Google Chromebook?

On Our YouTube Channel

Google Pixel 6a Budget Android Smartphone -- DEMO & REVIEW

QueStyle M15 Mobile Lossless DAC / Headphone Amp -- UNBOXING & REVIEW

Categories

  • AdSense, AdWords, and PPC Help (106)
  • Amazon, eBay, and Online Shopping Help, (161)
  • Android Help (201)
  • Apple iPad Help (145)
  • Apple Watch Help (52)
  • Articles, Tutorials, and Reviews (344)
  • Auto Tech Help (11)
  • Business Advice (199)
  • Chrome OS Help (25)
  • Computer & Internet Basics (764)
  • d) None of the Above (165)
  • Facebook Help (383)
  • Google, Chrome & Gmail Help (179)
  • HTML & Web Page Design (245)
  • Instagram Help (48)
  • iPhone & iOS Help (607)
  • iPod & MP3 Player Help (173)
  • Kindle & Nook Help (93)
  • LinkedIn Help (85)
  • Linux Help (166)
  • Linux Shell Script Programming (87)
  • Mac & MacOS Help (894)
  • Most Popular (16)
  • Outlook & Office 365 Help (26)
  • PayPal Help (69)
  • Pinterest Help (53)
  • Reddit Help (18)
  • SEO & Marketing (81)
  • Spam, Scams & Security (92)
  • Trade Show News & Updates (23)
  • Twitter Help (217)
  • Video Game Tips (66)
  • Web Site Traffic Tips (62)
  • Windows PC Help (921)
  • Wordpress Help (204)
  • Writing and Publishing (72)
  • YouTube Help (46)
  • YouTube Video Reviews (159)
  • Zoom, Skype & Video Chat Help (57)

Archives

Social Connections:

Ask Dave Taylor


Follow Me on Pinterest
Follow me on Twitter
Follow me on LinkedIn
Follow me on Instagram


AskDaveTaylor on Facebook



microsoft insider mvp


This web site is for the purpose of disseminating information for educational purposes, free of charge, for the benefit of all visitors. We take great care to provide quality information. However, we do not guarantee, and accept no legal liability whatsoever arising from or connected to, the accuracy, reliability, currency or completeness of any material contained on this site or on any linked site. Further, please note that by submitting a question or comment you're agreeing to our terms of service, which are: you relinquish any subsequent rights of ownership to your material by submitting it on this site. Our lawyer says "Thanks for your cooperation."
© 2022 by Dave Taylor. "Ask Dave Taylor®" is a registered trademark of Intuitive Systems, LLC.
Privacy Policy - Terms and Conditions - Accessibility Policy