Complete tips to delete ICS (International Card Services) email scam
Scammers use phishing emails to target credit cards, usernames, passwords, social security numbers and other personal information about users. ICS (International Card Services) email scam is an example of one such phishing emails, used for extracting credit card details and online banking information.
The emails in the campaign are disguised as from Internet Card services. The scammers behind it try to trick people into believing that they have to perform periodic customer verification or otherwise their bank account will be blocked.
The scammers claim that the recipients can prevent this action only when they verify their account via the provided website. During the moment of analysis, the website link in ICS (International Card Services) email was not working.
However, it may be fixed at the time you are receiving it. Remember that, phishing websites are designed to record the data entered in them. Thus, the moment you enter your banking credential to the provided phishing website, you will lose these sensitive information to the scammers.
The scammers use these data to make fraudulent transactions and online purchases or for other malicious purposes. They may even use the emails to deliver malware as well. Check the below paragraph how spam emails cause system infection.
How to spam campaigns infect systems?
Malicious documents opened with Microsoft Office version 2010 and newer versions ask permission to enable macros command. They do not install malware until this permission is granted. Older versions do not have this feature and thus they install malware the moment you click on them.
Full text presented in ICS (International Card Services) email scam’s page (in Dutch and English languages):
Subject: Uw huidige creditcard is geblokkeerd
INTERNATIONAL CARD SERVICES
Belangrijke informatie met betrekking tot uw bestelling bij Microsoft
Uw ICS-klantomgeving zal binnenkort worden opgeheven. U heeft de periodieke klantverificatie niet uitgevoerd. Dit betekent dat wij als creditcarduitgever, verplicht zijn om uw producten bij ons te blokkeren. Ook moeten wij u als consument permanent afwijzen.
Uw rekening is voorlopig geblokkeerd. Om permanente blokkade te voorkomen, kunt u met de onderstaande link uw rekening verifiëren. Na de verificatie kunt u weer normaal gebruikmaken van uw rekening.
Wij wensen u alvast veel betaalgemak!
Met vriendelijke groet,
International Card Services BV
Uw Card wordt uitgegeven door International Card Services BV (ICS).
Let op! Ga voorzichtig om met uw persoonlijke gegevens. Medewerkers van ICS zullen nooit naar uw gebruikersnaam, wachtwoord en/of pincode vragen. Niet via e-mail, telefoon of op welke andere manier dan ook.
Dit bericht is verzonden door International Card Services BV, gevestigd aan de Wisselwerking 32 te (1112 XP) Diemen, ingeschreven in het Handelsregister Amsterdam onder nummer 33.200.596.
This message has been sent by International Card Services BV, which has its seat at Wisselwerking 32 (1112 XP) Diemen, the Netherlands, and is registered in the Commercial Register of Amsterdam under number 33.200.596.
How to prevent malware intrusion?
Irrelevant emails with website links and attachments in them should never be trusted, especially when they are sent from suspicious addresses. The most important is that you avoid clicking on those attachments/ files as these are the ones through which spam emails cause infection.
Additionally, we recommend you use the latest Microsoft Office version (i.e., the one released after 2010). As we already mentioned, this includes protective view mode in them to prevent automatic execution of macros commands that is needed for any MS Office documents to run a file.
However, this is not enough as the malware could have some other sources. It has been found that the malware often taken route through untrustworthy downloading channels (p2p networks, free file hosting sites and third party downloaders/ installers), illegal activation tools and fake software updaters.
Therefore, you should use only official websites and direct links for any software download and any installed software has to be updated and activated using tools/ functions from official software developers’ tools/ functions.
The operating system should have a reputable antivirus tool installed on it for better protection. This tool however has to be kept updated so as to get best from it. If you think you have opened malicious attachments, we recommend you use some reputable antivirus tool to remove possibly infiltrated malware.
Antimalware Details And User Guide
Important Note: This malware asks you to enable the web browser notifications. So, before you go the manual removal process, execute these steps.
Google Chrome (PC)
- Go to right upper corner of the screen and click on three dots to open the Menu button
- Select “Settings”. Scroll the mouse downward to choose “Advanced” option
- Go to “Privacy and Security” section by scrolling downward and then select “Content settings” and then “Notification” option
- Find each suspicious URLs and click on three dots on the right side and choose “Block” or “Remove” option
Google Chrome (Android)
- Go to right upper corner of the screen and click on three dots to open the menu button and then click on “Settings”
- Scroll down further to click on “site settings” and then press on “notifications” option
- In the newly opened window, choose each suspicious URLs one by one
- In the permission section, select “notification” and “Off” the toggle button
- On the right corner of the screen, you will notice three dots which is the “Menu” button
- Select “Options” and choose “Privacy and Security” in the toolbar present in the left side of the screen
- Slowly scroll down and go to “Permission” section then choose “Settings” option next to “Notifications”
- In the newly opened window, select all the suspicious URLs. Click on the drop-down menu and select “Block”
- In the Internet Explorer window, select the Gear button present on the right corner
- Choose “Internet Options”
- Select “Privacy” tab and then “Settings” under the “Pop-up Blocker” section
- Select all the suspicious URLs one by one and click on the “Remove” option
- Open the Microsoft Edge and click on the three dots on the right corner of the screen to open the menu
- Scroll down and select “Settings”
- Scroll down further to choose “view advanced settings”
- In the “Website Permission” option, click on “Manage” option
- Click on switch under every suspicious URL
- On the upper right side corner, click on “Safari” and then select “Preferences”
- Go to “website” tab and then choose “Notification” section on the left pane
- Search for the suspicious URLs and choose “Deny” option for each one of them
Manual Steps to Remove ICS (International Card Services) email scam:
Remove the related items of ICS (International Card Services) email scam using Control-Panel
Windows 7 Users
Click “Start” (the windows logo at the bottom left corner of the desktop screen), select “Control Panel”. Locate the “Programs” and then followed by clicking on “Uninstall Program”
Windows XP Users
Click “Start” and then choose “Settings” and then click “Control Panel”. Search and click on “Add or Remove Program’ option
Windows 10 and 8 Users:
Go to the lower left corner of the screen and right-click. In the “Quick Access” menu, choose “Control Panel”. In the newly opened window, choose “Program and Features”
Mac OSX Users
Click on “Finder” option. Choose “Application” in the newly opened screen. In the “Application” folder, drag the app to “Trash”. Right click on the Trash icon and then click on “Empty Trash”.
In the uninstall programs window, search for the PUAs. Choose all the unwanted and suspicious entries and click on “Uninstall” or “Remove”.
After you uninstall all the potentially unwanted program causing ICS (International Card Services) email scam issues, scan your computer with an anti-malware tool for any remaining PUPs and PUAs or possible malware infection. To scan the PC, use the recommended the anti-malware tool.
How to Remove Adware (ICS (International Card Services) email scam) from Internet Browsers
Delete malicious add-ons and extensions from IE
Click on the gear icon at the top right corner of Internet Explorer. Select “Manage Add-ons”. Search for any recently installed plug-ins or add-ons and click on “Remove”.
If you still face issues related to ICS (International Card Services) email scam removal, you can reset the Internet Explorer to its default setting.
Windows XP users: Press on “Start” and click “Run”. In the newly opened window, type “inetcpl.cpl” and click on the “Advanced” tab and then press on “Reset”.
Windows Vista and Windows 7 Users: Press the Windows logo, type inetcpl.cpl in the start search box and press enter. In the newly opened window, click on the “Advanced Tab” followed by “Reset” button.
For Windows 8 Users: Open IE and click on the “gear” icon. Choose “Internet Options”
Select the “Advanced” tab in the newly opened window
Press on “Reset” option
You have to press on the “Reset” button again to confirm that you really want to reset the IE
Remove Doubtful and Harmful Extension from Google Chrome
Go to menu of Google Chrome by pressing on three vertical dots and select on “More tools” and then “Extensions”. You can search for all the recently installed add-ons and remove all of them.
If the problems related to ICS (International Card Services) email scam still persists or you face any issue in removing, then it is advised that your reset the Google Chrome browse settings. Go to three dotted points at the top right corner and choose “Settings”. Scroll down bottom and click on “Advanced”.
At the bottom, notice the “Reset” option and click on it.
In the next opened window, confirm that you want to reset the Google Chrome settings by click on the “Reset” button.
Remove ICS (International Card Services) email scam plugins (including all other doubtful plug-ins) from Firefox Mozilla
Open the Firefox menu and select “Add-ons”. Click “Extensions”. Select all the recently installed browser plug-ins.
If you face problems in ICS (International Card Services) email scam removal then you have the option to rese the settings of Mozilla Firefox.
Open the browser (Mozilla Firefox) and click on the “menu” and then click on “Help”.
Choose “Troubleshooting Information”
In the newly opened pop-up window, click “Refresh Firefox” button
The next step is to confirm that really want to reset the Mozilla Firefox settings to its default by clicking on “Refresh Firefox” button.
Remove Malicious Extension from Safari
Open the Safari and go to its “Menu” and select “Preferences”.
Click on the “Extension” and select all the recently installed “Extensions” and then click on “Uninstall”.
Open the “Safari” and go menu. In the drop-down menu, choose “Clear History and Website Data”.
In the newly opened window, select “All History” and then press on “Clear History” option.
Delete ICS (International Card Services) email scam (malicious add-ons) from Microsoft Edge
Open Microsoft Edge and go to three horizontal dot icons at the top right corner of the browser. Select all the recently installed extensions and right click on the mouse to “uninstall”
Open the browser (Microsoft Edge) and select “Settings”
Next steps is to click on “Choose what to clear” button
Click on “show more” and then select everything and then press on “Clear” button.
In most cases, the PUPs and adware gets inside the marked PC through unsafe freeware downloads. It is advised that you should only choose developers website only while downloading any kind of free applications. Choose custom or advanced installation process so that you can trace the additional PUPs listed for installation along with the main program.