We were recently notified by our readers of a scam called Higopo.com. It’s been running for the better part of a month now, and at first we didn’t want to cover it at all, since we deal with malware, and not plain scams.
But, after researching the subject, it turned out it’s not only a scam, but a malware as well. Color me surprised on this, since the Higopo.com virus is the first significant Android malware I’ve seen in a year.
Higopo.com Virus Removal Guide for Android
We want to give you all the information on the subject you might need in here. Removing the Higopo.com notifications is quite simple, actually, at least on Android. But we want to cover a few more points in this guide, because they will benefit you, so be sure to read the rest of this post after completing the removal steps. Speaking of removal, here’s what you need to do to get rid of the Higopo.com notificications.
Begin by opening your Chrome app and tapping the three dots to access the browser menu. Then go to Settings > Notifications and then toggle off the Show Notifications option. This will stop all site notifications. If you want, you can turn it back on later, but keep it disabled for now until you deal with Higopo.
Next, scroll down a bit to the “Sites” section, where you can see what specific sites are allowed to send you notifications. If you see Higopo.com there, toggle it off.
We also recommend tapping on “Additional settings in the app” and toggling off the “Sites can ask to send notifications” option. This forbids any site from asking you to allow to send you notifications through Chrome and will make it a lot less likely to get hijackers like Higopo in the future.
After that, go back to the main Settings page for Chrome and open Site Settings. There, we recommend that you set Notifications to Ask First, and Pop-ups and Redirects (you must scroll down to find this setting) to Blocked. You can, of course, choose a different settings configuration, but we recommend this one as an optimal way to prevent rogue sites from spamming you and taking over your browser.
Additionally, we recommend setting the Third-party cookies and Intrusive ads options to Blocked.
Next, at the top of the Site Settings page, tap on All Sites, find Higopo.com, and click the trashcan button next to it to delete any data saved for that site.
Then also tap on Delete browsing data at the top of the, then select the Advanced tab, put checkmarks in all boxes except the ones next to Cached images and files, Saved passwords, and Auto-fill form data, and choose a time range from before you first started receiving the Higopo.com pop-ups. Then tap on Delete Data.
All of this sounds a little extreme, but it’ll remove the Higopo.com virus. The bigger issue is how this happened in the first placed. From the research I did and some comments from readers, it screams to me of a yet unpatched vulnerability in some Android apps.
How to Remove Higopo.com From Your Phone?
Your browser should now be clean, but there’s one other place you need to check for hijacker changes. Open your Settings app, and go to Passwords and Accounts. See if there are any unfamiliar owner accounts listed there and if you see any profile not added by you, tap it and select Remove account.
Lastly, it’s always a good idea to uninstall any suspicious apps that you have gotten around the time the Higopo.com notifications started appearing. This is especially true if you’ve installed third-party apps that aren’t from the Play Store. In such cases, we also recommend deleting the .apk file that you used for installing the app.
What to Do After Removing the Higopo.com Virus Spam?
It’s difficult to speculate – I rushed to post the solution here. I will update the guide if I find more information. But for now allow me to give you some more pointers that can protect you.
My research suggests the notifications can take the form of the following things: expiring subscriptions, about blocking ads, McaFee antivirus being out of date, refunds, deposits, your Microsoft or Google account being locked up. The important note here is to NOT TO ENGAGE WITH THE NOTIFICATIONS. Don’t tap anything, just ignore the notifications if they reappear. Clean your browser fully again like you did above.
The next step at that point is to check and uninstall any app you downloaded right before the notifications first appeared. The infection happens in a as of yet unmarked manner. I’ve read messages and DM-ed infected people asking them how it started.
I heard a lot of different and conflicting accounts. Some people said they just scanned QR codes with an app they used 100 times. Others said they sideloaded some apps. A third party claimed downloading a 2 factor authentication app.
The other theoretical possibility is using unsafe public WiFi that was infected when this happened. This is the plausible explanation if you didn’t download anything an just browsed, or downloaded a legitimate app in a public network. Infected networks can serve you with more than what you download/access on them.
What to Do if You Fell for the Higopo.com Scam?
At any rate, cleaning your browser settings should be enough. But that’s not the case if engaged or believed the notifications. One user claimed higopo.com redirected him and asked for a user name and password when he attempted to access a TV app account.
If you input anything – and even if you don’t – we recommend changing all recurring passwords, especially to websites you visited after the higopo.com virus started sending you notifications.
Is It possible Higopo.com isn’t a Scam?
Frankly, no. You are dealing with criminals here. This means to be extra vigilant, because they are likely to be aggressive in some way. Again – I recommend resetting your passwords for all sensitive accounts.
The higopo.com website is a thinly-veiled fake that’s pretty easy to spot.
It’s essentially positioned as a marketing material with empty words, but when you go to the About Us section (or Service for that matter), there’s no data there. No legally operating site will skimp on these details. Higopo.com is just the front for whatever scam advertisers want to trick you. It will disappear as soon as a real investigation is conducted, and the scammers will create a new entity.
What is Higopo.com Used for?
We did a bit more research on the situation with the higopo.com and came to some conclusions as to what its real purpose might be. You see, if you go to the site, you’ll see a very bare-bones front page of the site for a loosely-defined service that supposedly eliminates “the hassle of switching between apps and services” whatever that means. Needless to say, this isn’t the true goal or intent behind Higopo.com.
After learning about the experience of users who got their browsers hijacked by this site, we learned that most people get some pretty aggressive pop-ups and notifications that try to sell them anti-malware apps.
Not only do the pop-ups appear out of nowhere and obstruct the user, but they also actively try to use intimidation tactics to get you to download the anti-malware app they advertise. They lie to the user about malware present on the device to get them to install the security software (which, itself, is probably not too far from malware). It’s the oldest trick in the book of scam tricks, yet it often works because it relies on shock and surprise to prevent the target from thinking clearly.
Needless to say, you must absolutely avoid any interaction with such popups and not trust anything written on them. They haven’t detected malware on your device but may get you to download something undesirable if you fall for their blatant scams.
I am incredibly grateful to you for this information. You have an invaluable site to follow. Thank you sincerely!
Thank you Nathan, great job!
Thank you very much! I got the virus from the QR scanner.
Very helpful. I got this from a QR code as part of an identity verification app, CLEAR, on LinkedIn.
Thank you. I got it from a QR code for uttv, click the link below the QR code.
This was helpful. I got it from a QR code that came in a sealed album.
Thanks for taking the time to share.
It snagged me when I downloaded something which should have been a reliable source from Google Play.
Following your easy instructions, the virus appears to be exterminated.
Got this from a QR code in an information kiosk in Berkeley
Thank you
This virus appeared right after I downloaded a screen mirroring app
Got it at the Social Security Office. Using my qr scanner. Filled out a form and immediately got called by Navy Federal that I was getting multiple suspicious transactions. Only temporarily losing a few dollars. This info helps a lot. Thx!
I also picked up HIGOPO from the Social Security Office in Brooklyn Center, MN. Just curious, but what city did it happen with you. I went back the same day once I determined that their QR scan was the source. The security guard would not believe me, so showed him a hard copy of this article. I went back the next day, but I was not allowed to speak to the office manager. the Guard to me contact the FBI.
Thank you for providing this well researched and important process.
I got this virus from scanning a QR code on a Netgear router. Thank you for this information!
Since none of the screens on my Samsung Galaxy Android corresponded with your instructions, I found another way to get rid of higopo. I cleared browsing history and they stopped.
Started after I used QR code loading Fire TV app. Is it the amazon app or the QR scan app?
Very grateful, thank you!
Got this virus scanning qr code on printed instructions for setting up a Vizio tv.
I got it after downloading an app to monitor heart rate, that uses the camera/QR. The app started and it looked like something apart of the app, and i clicked it thinking i was setting up the app. Luckily i didn’t do much after downloading the app, and I deleted it after what i needed it for.
Lot of people got this and me thanks for info guys!
Appreciate your willingness to help! Got it from QR code for Roku smartphone camera app. Really can’t trust anything anymore 😞
Thank you for this information. I got this virus from scanning a qr code on a public parking meter, didn’t realize what it was, and I entered my credit card information and everything, then realized it took me to some music and movie subscription that charges $39.95 a month, but says nothing about parking… So I knew then I was scammed! I’m so angry! Luckily my bank is on top of scam and didn’t approve the charge.
So thankfully I saw this just got a new phone and it got me. Luckily I never clicked on it.
Thank you for such detailed information. It is such a rarity to get details that are understandable!
Thank you so much for your help. I got mine after I scanned a QR code for a new LEMFO LT10 “Smart Bracelet” (smart watch thru AliExpress) for the FitPro operating app. Android acted up immediately.
I got this from a QR code at a restaurant, thanks for the detailed instructions.
Thank you so much for this information. I got it from a QR code that Walmart sent for free Paramount TV+. Anyway it tricks you by saying it is free, then saying your card won’t be charged. However, the very bottom says by clicking here you are authorizing them to debit your account. My bank notified me before I realized what happened. They did 2 charges one for 1.95 and the other for 39.95 with the name Blistentme charged on my account. Looks like QR codes aren’t safe to use.
And all I wanted to do was get a Subway tuna fish. The parking lot required me to scan a QR code and input personal info. I shoulda got a burger…
I have a Samsung S23 and tried your remedy. I do not use chrome as I Like google. It did not work for me. I too picked it up in a QR app. Perhaps you could give me some guidance. I would really appreciate it. Thank you Fred
Hi Fred Brooks,
what browser do you use ?
Thanks so much for taking the time to help the many frustrated people out there! I know I was one of them! I encountered higopo when I was sent a link to download an app for a new robo vacuum. Too much hassle that comes with a $400 robot…..Boxed it up and sent it back. And now I think I have my problem solved on my cellphone. Thank you. Thank you. Thank you.
Thank you very much for this. I picked up the Hipogo virus when I downloaded a QR and Barcode Scanner from Gamma Play in Play Store. As soon as I scanned the first barcode, all the Hipogo blasts started and as soon as I deleted them, they reappeared. After following your removal procedure, so far, I have not received any more. You are wonderful.
How do I know it is deleted and my phone is safe? My security scans aren’t picking anything up, and to be honest, didn’t in the first place. Scared to use anything on my apps now.
Hi Deanne,
did you do all the steps necessary to remove this virus?
I’m sure that I got it from downloading a QR code reader app from Google Play. Thank you.