We were recently notified by our readers of a scam called Higopo.com. It’s been running for the better part of a month now, and at first we didn’t want to cover it at all, since we deal with malware, and not plain scams.
But, after researching the subject, it turned out it’s not only a scam, but a malware as well. Color me surprised on this, since the Higopo.com virus is the first significant Android malware I’ve seen in a year.
Higopo.com Virus Removal Guide for Android
We want to give you all the information on the subject you might need in here. Removing the Higopo.com notifications is quite simple, actually, at least on Android. But we want to cover a few more points in this guide, because they will benefit you, so be sure to read the rest of this post after completing the removal steps. Speaking of removal, here’s what you need to do to get rid of the Higopo.com notificications.
Begin by opening your Chrome app and tapping the three dots to access the browser menu. Then go to Settings > Notifications and then toggle off the Show Notifications option. This will stop all site notifications. If you want, you can turn it back on later, but keep it disabled for now until you deal with Higopo.
Next, scroll down a bit to the “Sites” section, where you can see what specific sites are allowed to send you notifications. If you see Higopo.com there, toggle it off.
We also recommend tapping on “Additional settings in the app” and toggling off the “Sites can ask to send notifications” option. This forbids any site from asking you to allow to send you notifications through Chrome and will make it a lot less likely to get hijackers like Higopo in the future.
After that, go back to the main Settings page for Chrome and open Site Settings. There, we recommend that you set Notifications to Ask First, and Pop-ups and Redirects (you must scroll down to find this setting) to Blocked. You can, of course, choose a different settings configuration, but we recommend this one as an optimal way to prevent rogue sites from spamming you and taking over your browser.
Additionally, we recommend setting the Third-party cookies and Intrusive ads options to Blocked.
Next, at the top of the Site Settings page, tap on All Sites, find Higopo.com, and click the trashcan button next to it to delete any data saved for that site.
Then also tap on Delete browsing data at the top of the, then select the Advanced tab, put checkmarks in all boxes except the ones next to Cached images and files, Saved passwords, and Auto-fill form data, and choose a time range from before you first started receiving the Higopo.com pop-ups. Then tap on Delete Data.
All of this sounds a little extreme, but it’ll remove the Higopo.com virus. The bigger issue is how this happened in the first placed. From the research I did and some comments from readers, it screams to me of a yet unpatched vulnerability in some Android apps.
How to Remove Higopo.com From Your Phone?
Your browser should now be clean, but there’s one other place you need to check for hijacker changes. Open your Settings app, and go to Passwords and Accounts. See if there are any unfamiliar owner accounts listed there and if you see any profile not added by you, tap it and select Remove account.
Lastly, it’s always a good idea to uninstall any suspicious apps that you have gotten around the time the Higopo.com notifications started appearing. This is especially true if you’ve installed third-party apps that aren’t from the Play Store. In such cases, we also recommend deleting the .apk file that you used for installing the app.
What to Do After Removing the Higopo.com Virus Spam?
It’s difficult to speculate – I rushed to post the solution here. I will update the guide if I find more information. But for now allow me to give you some more pointers that can protect you.
My research suggests the notifications can take the form of the following things: expiring subscriptions, about blocking ads, McaFee antivirus being out of date, refunds, deposits, your Microsoft or Google account being locked up. The important note here is to NOT TO ENGAGE WITH THE NOTIFICATIONS. Don’t tap anything, just ignore the notifications if they reappear. Clean your browser fully again like you did above.
The next step at that point is to check and uninstall any app you downloaded right before the notifications first appeared. The infection happens in a as of yet unmarked manner. I’ve read messages and DM-ed infected people asking them how it started.
I heard a lot of different and conflicting accounts. Some people said they just scanned QR codes with an app they used 100 times. Others said they sideloaded some apps. A third party claimed downloading a 2 factor authentication app.
The other theoretical possibility is using unsafe public WiFi that was infected when this happened. This is the plausible explanation if you didn’t download anything an just browsed, or downloaded a legitimate app in a public network. Infected networks can serve you with more than what you download/access on them.
What to Do if You Fell for the Higopo.com Scam?
At any rate, cleaning your browser settings should be enough. But that’s not the case if engaged or believed the notifications. One user claimed higopo.com redirected him and asked for a user name and password when he attempted to access a TV app account.
If you input anything – and even if you don’t – we recommend changing all recurring passwords, especially to websites you visited after the higopo.com virus started sending you notifications.
Is It possible Higopo.com isn’t a Scam?
Frankly, no. You are dealing with criminals here. This means to be extra vigilant, because they are likely to be aggressive in some way. Again – I recommend resetting your passwords for all sensitive accounts.
The higopo.com website is a thinly-veiled fake that’s pretty easy to spot.
It’s essentially positioned as a marketing material with empty words, but when you go to the About Us section (or Service for that matter), there’s no data there. No legally operating site will skimp on these details. Higopo.com is just the front for whatever scam advertisers want to trick you. It will disappear as soon as a real investigation is conducted, and the scammers will create a new entity.
What is Higopo.com Used for?
We did a bit more research on the situation with the higopo.com and came to some conclusions as to what its real purpose might be. You see, if you go to the site, you’ll see a very bare-bones front page of the site for a loosely-defined service that supposedly eliminates “the hassle of switching between apps and services” whatever that means. Needless to say, this isn’t the true goal or intent behind Higopo.com.
After learning about the experience of users who got their browsers hijacked by this site, we learned that most people get some pretty aggressive pop-ups and notifications that try to sell them anti-malware apps.
Not only do the pop-ups appear out of nowhere and obstruct the user, but they also actively try to use intimidation tactics to get you to download the anti-malware app they advertise. They lie to the user about malware present on the device to get them to install the security software (which, itself, is probably not too far from malware). It’s the oldest trick in the book of scam tricks, yet it often works because it relies on shock and surprise to prevent the target from thinking clearly.
Needless to say, you must absolutely avoid any interaction with such popups and not trust anything written on them. They haven’t detected malware on your device but may get you to download something undesirable if you fall for their blatant scams.
Leave a Reply