“You Are Blocked” MSN virus/scam

Posted: 05:15 hours (GMT+8)

Virus alert. Someone on my friendslist fell for the scam. Assuming there are only 6 degrees of separation… Thought I’d write something up really quick before someone else I know falls victim. I’m up this late because I was doing my Final Year Project.

How it tricks people: A hacker enters your MSN account, advertising a block checker with a trademarked company. It will come up as an offline friend logging in, talking to you with the ad, possibly changing the screen name, then soonafter logging out. Your friend will include a link to either “www.you-are-blocked.com” or “www.youareblocked.com“, saying you can check out who has blocked you on MSN by using this site.

The overexcited/curious unsuspecting person CLICKS THE LINK and GIVES THEIR PASSWORD without checking things out with their friend first.

Consequences: From what I’ve heard (on the interwebs), downloading the software will cause your computer screen to start spazzing. Then it dies. Permanently. I’m sorry.

Otherwise, it’ll just send the link to your friends, pretending to be you.

Damage control:

1) Change your MSN password - NOW! GO GO GO

Eventually you should be able to log into MSN. If MSN is too unreliable, sign in through another website that uses the MSN Passport or Windows Live ID, such as Hotmail/Windows Live Mail. It will be at a section that says something like “Settings”, “Account” or “Edit your info”.

***If you can’t figure out how to change your password, please step away from the computer now and get someone who does because the likelihood you will cause your computer to die an even worse death as you continue following these steps is very, very high.***

(Edit: After reading some comments from readers, I believe you can stop at Step 1 if your computer is not acting weird.)

2) Disable system restore

This ensures a thorough clean-up and that the virus won’t be backed up.

Windows XP instructions
Windows ME instructions

3) Reboot computer in Safe Mode

Press the F5 or F8 key down as soon as you turn on the computer and hold it there until you hear a beep, see a startup menu (a list of the computer’s various startup options) appear, or safe mode loads. You’ll know you did it right if you see the words “safe mode” at the corners of your screen.

4) Run a thorough virus check

Ensure your anti-virus software is up-to-date. If it isn’t, download the latest updates from its website before running it. Need help? Check out this tutorial.
5) Remove MSN Messenger completely

Uninstall it from the Add/Remove Programs control panel to remove its program directory from your computer (to make sure everything is removed). If you can’t find it, it should be under “Windows Live Messenger” (too tired to check now, using common sense).

6) Reinstall MSN Messenger

Go to the official website and reinstall it.

7) Learn from it

Warn your friends and don’t do it again.

Information Sources:
Posts by “CookieRevised” - Website 1, Website 2

This entry was posted on Thursday, 13 December 2007 at 5:19 am and is filed under technology. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

8 Responses to ““You Are Blocked” MSN virus/scam”

  1. Jusjustjustin Says:
    Friday, 4 January 2008 at 8:52 pm

    Thanks a lot. I had been attacked by this virus. And i sincerely thank you for writing these. I am now going to complain about these websites.

  2. Chocolatefan Says:
    Wednesday, 9 January 2008 at 12:38 am

    Cool, didn’t think anyone else would find this useful. Hope it helped!

  3. Dave Says:
    Saturday, 12 January 2008 at 8:27 pm

    Thanks for this, Like an idiot i clicked on a similar link yesterday and as i type this, i am on stage 4 of the process.
    Thanks, I am confident that i will get rid of it…and yes (number 7) Learn from it!
    Dave

  4. Leefe Says:
    Saturday, 9 February 2008 at 2:07 pm

    It is my understanding that this site is just a Phishing site, ie it collects you MSN username and password, so it can spam all your contacts to get their username and password, but I don’t think it installs anything (though I haven’t gone as far as testing this theory).

    So changing your password MSN password is imperative, but I don’t think uninstalling and reinstalling MSN is necessary.

    For more nifo read: blockdelete.com is a scam!

  5. Chocolatefan Says:
    Monday, 11 February 2008 at 11:07 pm

    @ Leefe: Thanks for your post. I haven’t tested the theory out either and hope I don’t get to that stage ever. It’s troublesome as it is either way.

  6. MB Says:
    Monday, 7 July 2008 at 10:33 am

    Thank you so much! My sister nearly clicked the link but it seemed fishy so I told her not to and researched it first. You probably just saved her comp.

  7. Chocolatefan Says:
    Thursday, 10 July 2008 at 1:16 am

    @MB: YOU saved her comp. I sure didn’t force you to check it out first. :P Ah, the power of second thoughts…

  8. Fan of Chocolate fan xD Says:
    Thursday, 31 July 2008 at 4:32 pm

    Thanks alot! I knew it was a scam but i fell for it after a month of ignoring my pesky friends “lniks” on msn =…….= i quickly did a google and ur blog came up.. changed my pass immediately xD thanks again

Leave a Reply