Scammers are tricking victims into paying $25 for fake security software, ZDNet reports.
The tech-support scammers use fake blue screen of death (BSOD) messages and a phony “Troubleshooter for Windows” application to try to sell a supposed Microsoft security product called “Windows Defender Essentials.” The name sounds like two real Windows anti-malware applications: Windows Defender and Security Essentials.
Malwarebytes researcher Pieter Arntz says the Troubleshooter app is being distributed through a cracked software installer.
Instead of troubleshooting, the app says that “Windows has encountered an unexpected error” and the computer is “missing .dll registry files resulting in computer failure.” Victims are encouraged to click “next” to diagnose and troubleshoot the issue.
Once the victim does that, they’re led to a screen that lists false problems and says the troubleshoot couldn’t fix the issue. But the message says it can be resolved by clicking a “Recommended” link to “Buy Windows Defender Essentials.” Selecting this leads to a page that encourages victims to send $25 to the scammer’s PayPal account.
A browser-based screen locker goes away after the money is paid.
Last week, Microsoft warned about a scam in which tech-support scammers trick users into calling a bogus hotline using click-to-call functionality in a website. The company didn’t immediately respond to a request for comment on the “Troubleshooter for Windows” scam.
According to tech support site BleepingComputer, victims can “trick” the program into shutting down: once they reach the PayPal purchase screen, they can hit Ctrl+O to open a dialogue box, and then enter http://hitechnovation.com/thankyou.txt. This makes the program think they’ve paid the $25, and it shuts down.
Removal instructions for Troubleshooter are available on Malwarebytes.
Special Reports: CNET’s in-depth features in one place.
Technically Incorrect: Bringing you a fresh and irreverent take on tech.