Author: Jesse Mueller (Page 1 of 38)

Laptop Swelling

It’s uncommon to see, but laptops can get swollen. If you ever think your laptop is swelling, then you need to address a problem with its battery, stat!

laptop swelling

Usually, the laptop’s battery is a boring little brick that stays in one shape. But a manufacturing defect, extreme age or abuse could cause acid leakage, inside the battery’s main casing. If this happens, the rupture is usually still contained, but that boring brick will change shape. It may start to resemble a wallet or a beanbag.

If this ever happens to you, you’ll start to notice that your laptop is warping. Perhaps the keyboard is arcing upwards, or the sides of the laptop are starting to gap. You may have trouble closing the lid because things just don’t fit anymore. And it could be that the distended tech feels warmer than usual.

Again: this is not common, but if you notice this, you do need to take prompt action. Ignoring a turgid laptop is a risk to your computer’s lifespan and your personal safety! Shut off the laptop and disconnect the power cord. Take your computer to a repair store, and they’ll know how to safely replace your battery.

Alternatively, if the laptop is no longer needed, you can take it to a computer recycler.

The Girl Scout Cookie Scam

There’s always another scam just around the corner. And with these jokers in Scamdinavia, nothing is sacred. Please watch out for the Girl Scout Cookie Scam, circulating on Facebook and possibly other social media.

The Scam

You might already know this scam, but it’s still worth broadcasting. Because the Girl Scout brand is so endearing and trustworthy, some people are getting fooled by this nonsense. Check out these examples of the scam I’ve collected from Facebook:

Let me be clear: These posts are not legitimate, not endorsed by The Girl Scouts of America and not created by anyone in this country. People in Kenya or Pakistan have created sock puppet accounts on Facebook, stolen a bunch of photos with kids and cookies in them, and are simply posing and fishing for quick money.

Anyone who messages these schemers will be asked to pay for their cookies using Paypay, Venmo, CashApp, etc.. The poster collects the money and pretends to take down the address, and asks the victim to wait a couple of weeks for delivery. When the delivery day passes and no cookies arrive, the crook will be long gone.

What’s Scammy and What’s Legit?

Once you know what to look for, it’s easy to get your Girl Scout Cookies from a safe source. Here’s what to look out for:

  • A legitimate Girl Scout Cookie post will offer specific details, like:
    • A URL to the Cookie Finder, or a personalized website for ordering, beginning with “gsdigitalcookie.com”
    • The time and location where the kiddos will be setting up to sell their cookies in-person
    • A variety of payment options, and no sense or urgency (pay when the cookies arrive)
  • A scam post will seem fishy, if you take notice:
    • the child’s name or troop is not mentioned
    • the cookie prices are wrong or too low
    • the posting account is no one you know and you have no mutual Facebook friends with them
    • the post has commenting turned off

If you see a scam post on Facebook, report it to the group’s admin or moderator. You can report it to Facebook, too, but they are unlikely to do anything.

For more info on how to get these delicious cookies, check out the Girls Scouts Cookie Program website.

Duct Cleaning Scams v2.0

If you aren’t familiar with the duct cleaning scams that abound on Facebook, I recommend you first check out my 2021 post on this matter. Once you’re up to speed on the basics, it’s time to discuss the new-and-improved duct cleaning scams. Duct Cleaning Scams v2.0 are beginning to spread throughout Facebook. Don’t fall for them and be ready to report them.

Upgrades

Duct cleaning scams are the same as before: People located in Pakistan are posting in American Facebook Groups, trying to sell duct cleaning services.

They use sock puppet accounts that make them look American. Posing as “local companies”, they are really just looking to schedule appointments, which they then resell to unlicensed people near you. The folks in Pakistan collect referral fees for each job s/he schedules. The people in America get suspicious cleaners at their door. Whoever arrives to clean ducts is not connected to any real company, and may overcharge for their service or commit other crimes.

But they’ve upped their game for 2024. The scammers are trying to appear more professional now. Their latest posts show a classy flyer with pricing, a business card, and a real website.

The wording of their posts is much improved, too. Gone are the copy-and-paste phrases that we rolled our eyes at, like “Believe our Work not Words!” Now they present more detailed and personalized posts that closely resemble everyday small businesses in our country.

Their sock puppet accounts are looking better, too. They’ve got dozens of them now, all sporting American names and stolen photos. They’re using the accounts to click Like on each other’s posts and photos, which makes them look active and more legitimate.

Same Tells and Giveaways

I am sure this is still a scam. First, I chat with these people. It’s the same ol’ schtick with them, but I still like to get proof when I can. I ask them where they’re from (Washington!) and then I send them a link to my address. (Oops, that wasn’t a link to my address, it tells me the location of the clicker:)

Karachi isn’t in Washington, good sir.

But there are other hints. Sometimes, I click the poster’s name to view their Facebook profile. And it catches my eye when their profile name doesn’t match with the name hiding in their Facebook URL:

I’ve tried calling some of their numbers (Houston TX area code, probably purchased through Ring Central), and no one ever picks up. But they answer texts and Facebook messages immediately. And they block me quickly, if I mention their home country:

And then there’s their website. The Titan website looks fine, but the devil is in the details. Looking up the domain name, I can see it was registered just 2 months ago, through a Czechoslovakian company. And while the images on the site looks crisp and pleasant, every single one of them tracks back to other, older, legitimate HVAC companies throughout the USA. Google Lens is really nice for doing a quick reverse image search, and it shows that these schemers just lifted their images from real duct cleaning websites.

Advice

  • If you recognize a duct cleaning scam, report it to Facebook, and then also report it to the admin of the group where it was posted. Facebook won’t do anything, but hopefully the group’s moderator will remove the post and/or block the sock puppet account.
  • Verify a service company’s identity with a simple phone call, or getting a referral from a true local. Make sure they have a contact number and address that makes sense for your location. Avoid contracting with any service provider that insists on texts or private messaging only.
  • If someone claims they have a license with the local county or NADCA, get that license number from them and check it out! Scammers will boast about having all their licenses, but won’t give them when asked.

More Facebook Phishing

I never think I’ve seen it all. I’m sorry to report, there’s always another scam, just around the corner. Today, I’m seeing a new take on Facebook phishing, and this time, it’s targeting Facebook Business Pages. The scammers are creating fake profiles AND fake websites, and hoping to fool everyday folk like you and I.

The Scam

The scammers are watching and waiting for a legitimate business to post on Facebook. Specifically, they’re looking for giveaway-style posts, where the business is offering something to anyone who comments on or Likes the post. It’s easy for them: They’re just performing a word-search on Facebook posts for “giveaway” or something similar. And when they find what they want, they spring into action.

They quickly create a phishing website that resembles the target company. And they also create a Facebook page, using the name and photos from the real business profile. Then they start commenting to people on their original giveaway post:

more facebook phishing
That comment is not from the real Freeman Foods, it’s an impostor!

Unsuspecting people might see these comments and be fooled into thinking that it is a real comment from the legitimate business. But the comment and link is fraudulent. The URL in the comment leads to a bogus phishing website that asks for your PII. And victims of that fake site will suffer from spam, identity theft or worse.

The Tells

This scam may be obvious to some people, but I should point out how to recognize this as a phishing attempt:

  • The comment links to a strange URL, containing “myfreesites”, “googlesites”, “sitebuilder.com” and not the real URL for the business. These other URLs are using platforms that let anyone create a website, on the fly, for free!
  • The English is a little off, because the scammer is certainly in another country. They could be in Scamdinavia or Carjackistan, but they hide this and pretend to be in the USA.
  • If you click through to the commenter’s page, you can see that it was created very recently and has very few Likes/followers. The legitimate business page would have many Likes and have been created far in the past.
The real Freemans Foods has thousands of followers and created their FB page in 2013.

Reporting the Issue

If you are the real business owner, and the scammer is commenting on your posts, click on the impostor’s name and use the 3-dots button on their profile to report them to Facebook. Then, return to your posts where their comments are, and report those as well. When reporting the comments, look for additional options to Block or Ban them from your Page.

If you are a regular Facebook user, and you see this type of phishing, feel free to report the scammer’s Page and comments to Facebook. The more reports they get, the quicker they may shoot down the impostors.

And if you want to go the extra mile, you can report the phishing website (URL) mentioned in the comments. This can help Google, Microsoft and other big tech in noticing and flagging that website, and it may lead to the site being removed from the internet:

Windows Upgrade Limitations in 2024

It may sound like a dry topic, but some of us really need to understand Windows upgrade limitations in 2024. Microsoft has created some pinch-points, and it affects people who own older computers. Let me break this up into two sections:

Windows 7/8 Can No Longer Be Upgraded to 10

For a long time, Windows 7 and Windows 8 computers could “get” Windows 10. The upgrade might take a long time, but Microsoft would easily detect your old license and morph into a Windows 10 llicense, for free.

Well, last fall, they finally and fully closed that opportunity. Now, if you try to update your Win7 to Win10, you might:

  • meet with failure
  • get a Win10 computer that is plagued with licensing and pirated-software alerts
  • be prompted to pay ($140) for a new license

I don’t like any of these possibilities. Do not attempt to upgrade your Win7/8 computer to Win10!

Your Windows 10 PC Might Not Be Eligible for Windows 11

Microsoft has made an app to tell you if your computer can upgrade to Windows 11, but that’s not really necessary. On a Win10 computer, just click Start -> Settings -> Update & Security. This panel, where you download regular Microsoft updates, will also tell you if this computer can run Windows 11 or not.

If this panel tells you that your computer is not allowed a Windows 11 upgrade, you’ll see this sort of verbiage:

Windows Upgrade Limitations in 2024

Some people are crafting ways around this block. If you go looking, there are steps to upgrade these computers to Windows 11, but I do not recommend them. There are unknown risks in forcing Windows 11 where it shouldn’t go. I wouldn’t accept those risks. I wouldn’t want you to, either.

Other Miscellany

  • If you have a Windows 7 or Windows 8 machine, there is no way that it could ever be upgraded to Windows 11. Do not try it.
  • Remember that Windows 10 reaches its end of life on October 14, 2025. If you have an older, non-Win11 system, you should factor this in to all decisions regarding OS upgrades and tech purchases.
  • If your Windows 10 PC says that it is compatible with Windows 11, great! But no need to rush. You are perfectly safe in holding off on that free upgrade, up until 10/14/2025.
  • Windows 10 computers, that were previously upgraded from Win7/8, should now not be erased/formatted and put through a reinstallation of Windows 10. Because the Windows 10 activation servers have been turned off, an OS reinstallation on these machines might lead to license errors and a block to future updates.

Rogue Chromium Browsers

Everyone is free to choose what web browser to use on their computer. Many people use Edge or Safari, because it came as part of the operating system on the computer. Others opt for Chrome or Firefox. But what is worrisome and worth warning about is the use of rogue Chromium browsers. I hope I can teach you what these are, so you can recognize and avoid these.

Let me clearly state: Google Chrome is a good browser to use. If you use Google Chrome, please continue to do so! Chromium browsers are different. A Chromium browser is essentially a modified version of Chrome that has different abilities or behaviors. Many of these tweaks can lead to harm.

Examples of Rogue Chromium Browsers

The first Chromium browser that spread to average computer users was labeled Chromium, and had a blue-tinted icon, very similar to the classic Google Chrome icon.

rogue chromium browsers

This open-source version of Chrome was meant to be used by developers, programmers and other technical experts. To my eye, it really stands out when I find it on a layperson’s computer, and is often my first clue that I’m going to find other unwanted software…

Wave Browser is an example of a modern-day rogue Chromium browser. It is polished, has a classy logo/icon, and appears to be professional and fast to open. Those who use this may feel right at home, because its menus and behavior closely resemble Google Chrome. I’ll get to the devil in the details, though, in the next section.

OneLaunch is another rogue to watch out for. But this one is easier to spot, as it comes with a special bar that permanently eats up the top half-inch of your screen. OneLaunch will function as well as any other browser, but let me describe more of what’s under the hood here:

Detriments of Using a Rogue Browser

Sketchy Search Engine: These browsers often steer their users into using a modified version of the Yahoo search engine. This engine is not anything I would ever use. It’s been altered to include more ads and paid placement than the usual Yahoo engine. Many of the top results you get from this are promotions, malicious links and phishing sites.

I searched for “Xfinity phone number” in a variety of search engines, just now. Google, Bing, DuckDuckGo all returned solid results and the safe trustworthy phone number for Comcast. Yahoo.com also gave me good info. But when I use Onelaunch and WaveBrowser to do the same search, the results were riddled with ads and websites I would never want to visit. I can see this behavior leading some users to scams and false information and phishing websites.

Modified Start Page: When I test these rogues out, I notice the Start Page has been customized, to show a lot of strange things. Some are salacious news articles. Others are gross advertorials about health conditions. And even others are lures to bogus antivirus messages.

Eating Up Screen Real-Estate: Some of these browsers take a lot of liberty with your computer. OneLaunch installs a bar of icons across the top of the computer, and it remains up there, even after you close the browser!

Empty Promises: In some of these browsers, I see them boast that they offer Camera Privacy and better ad-blocking. I just can’t even with this nonsense. People desiring camera privacy simply turn off their camera. Close the shutter on their camera. Disconnect their camera. Slap a Band-Aid over their camera! Whatever your concerns might be about webcam surveillance, you should not be turning to a mystery app to solve them.

Constant Nags: These browsers may have various popups, trying to convince you to set them as your Default Browser, try out their extra products and more.

Who Really Makes These Browsers?: It can be hard to tell who’s behind these programs. I went looking into Wave Browser’s pedigree. It’s created by a company called Wavesor. That turns out to be the trade name for Polarity Technologies. Which is a subsidiary for Genimous Technology, a Chinese firm that has been investigated and criticized by our government officials.

What Else Came With This Program?: These rogue browser are downloaded and installed, often without the computer user understanding how or even when it happened! They can be sneaky like that. And if this app showed up unexpectedly, chances are good that they came with other potentially unwanted programs. I often find other adware to remove when I service computers with rogue browsers on them.

Moving Back to a Mainstream Browser

The good news is that if you want to reverse course and go back to your previous browser, that should be easy. Uninstall the rogue app, and your other browser(s) should still be there. These rogues don’t harm or delete anything from your system.

After that, you may want to run a few scans on the system. There could be some junkware, separate from the browser, that needs to go. Your antivirus is just the first tool to consider. I like to run specific tools, like ADWCleaner or Norton Power Eraser, to look for hidden nasties.

If you are struggling with this cleanup and feel in-over-your-head, please know that I deal with this everyday, and can help you in restoring things. Reach out to me if you feel like your computer is still acting “off”, or if any computer task is “above your paygrade.”

The Bitcoin Purchase Scam

bitcoin purchase scam

The Bitcoin Purchase Scam is rather common right now, and I’d recommend you become familiar with it. It is just another Thank-You-For-Your-Purchase scam, and there is no truth to what’s in the message.

In short, this scam’s email announces a charge for a Bitcoin purchase you didn’t make. That’s because there was no purchase, but the scammers are hoping that you don’t know that. They want their victims to react quickly and reach out. Anyone calling the stated phone number will speak to a cybercriminal who is all too ready to lie lie lie and steal your money.

But here’s a longer, Too Many Words version, from a fresh incident that I just helped a client recover from:

From a Recent Service Call:

Today’s caller asked me to check over his computer, because he’d had some unauthorized transfers on his bank account. His bank couldn’t explain it to him, so they recommended he have his PC checked. I asked him a few questions about possible scams, but nothing rung a bell. So I dug in and eventually picked out the history and whole story of the scam.

About a month ago, he’d received this email, became concerned, and called who he thought was Paypal. It was not Paypal, it was instead some crook in Scamdinavia.

bitcoin purchase scam
Don’t ever call the numbers in these emails. No good can come of it!

The scammer on the phone told my client some convoluted story, in order to convince him to install Anydesk and DWAgent (remote control software) on the machine.

I don’t know the in and outs of the scammer’s claims, but browser history from the PC showed that they’d visited the Paypal website, as well as Western Union. Perhaps they attempted some money transfers, but I don’t think they succeeded. And then things went quiet for a few weeks. But the scammer was playing The Long Game. He retained his remote-access to the computer and bided his time….

And more sketchy activity began a couple of weeks later: New remote control software (Supremo & RealVNC) was added to the system last week. And then someone installed a covert keylogger as a Chrome extension. My client didn’t recall any new phone calls, so I had to conclude that they were accessing the computer without his knowledge. They were adding these programs and attempting more bank transactions using his computer, while he was away or asleep.

For my part, I removed all of these control apps and crimeware. The Supremo was a challenge, as they’d put a password on it, but I persevered. In less than an hour, we had answers and a safe-to-use computer again. But the client still has plenty of work to do. Following up with the bank, changing passwords, chasing after money to see what, if anything, can be clawed back… I wouldn’t wish this stress on anyone.


Please, if you’ve read this far, understand that these crooks will go to great lengths to steal your money. Be suspicious of anything unexpected that arrives on your computer or phone. Try to verify things independently from any call or email that has you worried. And if it gets too complicated or overwhelming, just shut everything down and go talk to a friend. Sunlight is the best disinfectant.

If you’ve received an email you are concerned about, feel free to forward it to me! I will write you back with my professional opinion as to if it is fake or legitimate. And if you’ve been had, you may call me and hire me to clean your computer. But call your bank first, prioritize your financials over your technology!

Typical Facebook Scams

Scams continue to abound on Facebook, despite efforts and apologies from the man at the top. If you’re going to use this platform, please be aware of these typical Facebook scams, so that you don’t get taken:

Hair Stylist Scams

If you’re looking for a new ‘do, please be cautious you don’t get taken by “fake” hair stylists on Facebook. It’s a simple scam: Pose as a real stylist, collect a deposit or booking fee and then block the customer and disappear with the money.

This scam is a little harder to pick up on, though. First, these scammers (from Nigeria?) are willing to chat with you, using decent English and convincing slang. They may sound like cool, local people! Next, a pretend-hair-stylist may give you the name, address and phone number of a legitimate hair salon near you, when you ask. But they are not connected to that company — they just pulled it from a quick Google search to convince you to hand over your money.

Antivirus Offers

Some endorsements on Facebook won’t go to legitimate antivirus websites. They’ll go to a semi-phishing website, where they’ll try to get you signed up on spam lists, or entice you to download adware onto your computer.

Dental Care Assistance

I know that good dental care is expensive, but don’t fall for this nonsense. You won’t get anything but spam email and calls if you cooperate with this type of post.

Reduced-cost/free dental care is out there, though. Get off of Facebook and investigate what the trade schools and colleges in your area might offer!

Giveaway Groups

Scams are so prevalent on Facebook, that the scammers are creating closed groups for their schemes. These groups are essentially a place for their scams to collect and build up.

You will never find a more wretched hive of scum and villainy than in one of these groups. Steer clear!

Paid Surveys

I imagine there’s a way to get paid for surveys, but a post on Facebook is not it. Instead, people who are duped by this will be handing over their PII to scammers. They will sign you up on countless spam lists, and possibly use your info in other scams or identity theft efforts.

typical facebook scams

Red Flags for Typical Facebook Scams

  • They show a URL to a GoDaddy or GoogleSite address.
  • Payment is through Venmo/CashApp while credit cards are discouraged.
  • A photo of American cash is shown.
  • They insist on texting or private messages, and don’t want to talk on the phone.

I’ll Pass on Copilot

Copilot is Microsoft’s take on the AI craze. If you use a Windows computer, you’ve probably noticed that Copilot has silently added itself to your taskbar and/or web browser. But not everyone appreciates or cares for this AI tool. If you’re saying, “I’ll pass on Copilot,” here are some steps you can take to get it off your plate.

Quick and Easy Methods

If Copilot is on your Windows Taskbar, you can remove its icon:

  • Right-click your taskbar and left-click Taskbar Settings.
  • Look for Copilot (Preview) and click its toggle switch Off.

If Copilot is barging in on your Microsoft Edge browser:

  • With Edge open, click the 3-dots button to the upper-right, and then click Settings.
  • On the Settings list to the left, click Sidebar.
  • On the right, under App Specific Settings, click Copilot.
  • Click the toggles next to the Copilot options to turn each Off.

You may have to repeat these steps in the future, as Windows Updates may re-enable Copilot, without warning.

More Advanced Tactics

Copilot is treated as a component of Windows, and as such, cannot be removed. But it can be strictly disabled, using stronger methods.

The Group Policy Editor can be used to hamstring Copilot, but that is only available to those running Educational or Professional versions of Windows. Sorry, Home users!

Power users can modify the Windows Registry to disable Copilot. But I discourage this for all but the most tech-savvy. Registry changes are not for the faint of heart and are risky.

If you’re open to using 3rd-party software, I’ve tested DoNotSpy11 and found it to be straightforward and malware-free. This app allows people to disable Copilot and other intrusive features in Windows. If you’re the tinkerer-sort, check this freebie out!

Lastly, you can always switch to a non-Microsoft browser to sidestep Copilot and similar Microsoft distraction. Besides Google Chrome and Mozilla Firefox, there are many solid options out there, including the Brave Browser and the almost-ready-for-primetime DuckDuckGo Browser.

Evite Phishing

There’s a phishing email going around that looks like an Evite. Here’s what you need to know about it:

Phishing Photos

The bogus message looks like this:

evite phishing

This email, if you receive one, may have one of your friend’s email at the top. But please don’t believe in this thing. This is all a sham.

I clicked through, though, because I accept the risk and have to dig into these things. The “View Invitation” link led me to a different phishing page:

This is not the real Dropbox, but it looks similar enough to fool some people. Please notice that the URL is nowhere close to the real address for Dropbox.

Next (please don’t you do this!), I clicked the Captcha and saw the next screen, which wanted to know which email I used:

And each of those email buttons leads to a different phishing panel, where they were trying to convince me to type in my email address and password. This whole scam, phishing upon more phishing, is all an effort to get people to hand over their email credentials to some cybercriminals.

Dos and Don’ts

If you receive this message:

  • Don’t reply to this message.
  • Don’t Block the Sender (because it really did come from one of your friends).
  • Don’t click on any links.
  • Don’t type in any passwords or other important info.
  • Call the sender, or contact them outside of email, to let them know about this.
  • Encourage the sender to change their email password or otherwise secure their account. They have likely been compromised, and someone bad is abusing their email address!
  • If problems persist, mention to the sender that they can reach out to BlueScreen for direct help!
« Older posts

© 2024 BlueScreen Computer

Theme by Anders NorenUp ↑