Windows Was Blocked Due To Questionable Activity scam

What is "Windows Was Blocked Due To Questionable Activity"?

"Windows Was Blocked Due To Questionable Activity" is yet another scam message used to extort money from unsuspecting users. Delivered by deceptive websites, the message states that the system has been blocked and encourages users to immediately contact 'tech support' via a telephone number provided.

 In fact, these claims are false and you should never call this number. Furthermore, redirects to websites that deliver the "Windows Was Blocked Due To Questionable Activity" message might indicate the presence of Potentially Unwanted Applications (PUAs) on the system.

"Windows Was Blocked Due To Questionable Activity" scam overview

This scam message states that Windows Operating System has been blocked and that users must contact tech support (via the "+1-877-640-1433" telephone number) to restore everything. Once contacted, these people will ask users to pay a certain sum of money for assistance (this is not even required, since the "Windows Was Blocked Due To Questionable Activity" error is fake).

You should leave the website that displays this scam immediately. Be aware that these sites are often designed to prevent users from closing browser tabs/windows. In this case, terminate the browser process using Windows Task Manager. Do not restore the previous browser session the next time you run the browser, since this will reopen the rogue site.

Websites that deliver fake error messages are often opened by PUAs. Therefore, these redirects can indicate the presence of rogue apps. As well as causing redirects, PUAs are also likely to deliver coupons, banners, pop-ups, and other similar advertisements that can lead to dubious websites and even execute scripts that download/install other PUAs.

Therefore, clicking them can result in various system infections. Additionally, intrusive ads are delivered using tools that enable placement of third party graphical content on any site. Therefore, they often conceal underlying content, thereby significantly diminishing the browsing experience.

Another important issue is information tracking. PUAs usually gather IP addresses, website URLs visited, web pages viewed, search queries, and other similar data relating to browsing activity. Collected data (IP addresses, website URLs visited, pages viewed, search queries, etc.) often includes personal details that developers sell to third parties (potentially, cyber criminals).

These people misuse private data to generate even more revenue. Thus, information tracking can lead to serious privacy issues or even identity theft. These applications should be uninstalled immediately.

Threat Summary:

Name	"Windows Was Blocked Due To Questionable Activity" virus
Threat Type	Phishing, Scam, Social Engineering, Fraud
Fake Claim	The error message states that system has been blocked due to 'suspicious activity' and encourages users to contact the tech support scam.
Tech Support Scammer Phone Number	+1-877-640-1433, +1-830-637-7234, +0-800-120-6785, +1-833-784-4773, +1-866-808-1910
Related Domain(s)	proguys[.]ml, 993dapwksmd[.]ml
Detection Names (proguys[.]ml)	BitDefender (Malware), Cyradar (Malicious), Kaspersky (Malware), Sophos AV (Malicious), Full List Of Detections (VirusTotal)
Serving IP Address (proguys[.]ml)	138.197.207.29
Symptoms	Fake error messages, fake system warnings, pop-up errors, hoax computer scan.
Distribution methods	Compromised websites, rogue online pop-up ads, potentially unwanted applications (PUAs).
Damage	Loss of sensitive private information, monetary loss, identity theft, possible malware infections.
Malware Removal (Windows)	To eliminate possible malware infections, scan your computer with legitimate antivirus software. Our security researchers recommend using Combo Cleaner. ▼ Download Combo Cleaner To use full-featured product, you have to purchase a license for Combo Cleaner. 7 days free trial available. Combo Cleaner is owned and operated by Rcs Lt, the parent company of PCRisk.com read more.

Technical support scam examples

"Windows Was Blocked Due To Questionable Activity" shares many similarities with dozens of other scam errors, such as "Microsoft Detected Malicious Virus And Blocked Your Computer", "Hard Drive Safety Delete", and "Error # 0x80092ee9".

These scams often claim that the system is infected, not activated, missing files, or damaged in other similar ways, just to trick users into calling fake 'tech support' or downloading various unwanted applications (e.g., system cleaners). In any case, never trust these messages and, if you have already downloaded any of the promoted applications, remove them immediately.

How did potentially unwanted applications install on my computer?

Some PUAs have official download websites, however, most are proliferated using intrusive advertisements and a deceptive marketing method called "bundling" (stealth installation of third party applications together with regular software). Developers hide "bundled" apps behind "Custom/Advanced" settings (or other sections) of the download/installation processes.

Furthermore, many users often rush these procedures and skip steps. Additionally, they click various advertisements without understanding the possible consequences. This behavior often leads to inadvertent installation of third party applications. In this way, users expose their systems to risk of various infections and compromise their privacy.

How to avoid installation of potentially unwanted applications?

To prevent this situation, be very cautious when browsing the Internet and downloading/installing software. Bear in mind that intrusive advertisements typically seem legitimate, since developers invest many resources into intrusive ad design. In fact, they usually redirect to dubious websites (gambling, adult dating, pornography, survey, and similar).

If you encounter these ads, remove all suspicious applications and browser plug-ins immediately. Furthermore, download programs from official sources only, preferably using direct download links. Third party downloaders/installers often include rogue apps, and thus such tools should never be used.

Study each window of the download/installation dialogs using the "Custom" or "Advanced" settings. Opt-out of additionally-included apps and decline offers to download/install them. The key to computer safety is caution. If your computer is already infected with PUAs, we recommend running a scan with Combo Cleaner Antivirus for Windows to automatically eliminate them.

Appearance of this pop-up scam (GIF):

Text presented within:

Windows Defender - Security warning
App: Ads.fiancetrack(2).dll
Threat detected: Trojan Spyware

Windows was blocked due to questionable activity.
Contact Technical Support: +1-833-674-1971

Another variant of the "Windows Was Blocked Due To Questionable Activity" pop-up scam:

Appearance of this website (GIF):

Text presented in the pop-up window:

Windows protected your PC

Windows SmartScreen prevented an unrecognized app from starting. Running this app might put your PC at risk. For technical support call on +1-830-637-7234 (Toll Free).

Yet another variant of "Windows Was Blocked Due To Questionable Activity" pop-up scam:

Text presented within:

Pop-up:

 

Authentication Required

Asks for your username and password. ATTENTION: Your password will not be sent to the website you are visiting! +1-800-409-1628 (Toll Free)

 

Background:

 

Windows was blocked due to questionable activity

Please stop or restart your computer

 

Call immediately
+1-800-409-1628

Get the latest news on safety issues.

Instant help without waiting
call +1-800-409-1628 (Toll Free) and improve health. Of your computer.

Be updated with windows
Our professionals will keep you up to date with the latest software

Knowledge on safe browser
learn more about safe browsing get information about +1-800-409-1628

Call Support Team : +1-800-409-1628 (Toll Free)

Instant automatic malware removal: Manual threat removal might be a lengthy and complicated process that requires advanced IT skills. Combo Cleaner is a professional automatic malware removal tool that is recommended to get rid of malware. Download it by clicking the button below:
▼ DOWNLOAD Combo Cleaner By downloading any software listed on this website you agree to our Privacy Policy and Terms of Use. To use full-featured product, you have to purchase a license for Combo Cleaner. 7 days free trial available. Combo Cleaner is owned and operated by Rcs Lt, the parent company of PCRisk.com read more.

Quick menu:

• What is "Windows Was Blocked Due To Questionable Activity" virus?
• How to identify a pop-up scam?
• How do pop-up scams work?
• How to remove fake pop-ups?
• How to prevent fake pop-ups?
• What to do if you fell for a pop-up scam?

How to identify a pop-up scam?

Pop-up windows with various fake messages are a common type of lures cybercriminals use. They collect sensitive personal data, trick Internet users into calling fake tech support numbers, subscribe to useless online services, invest in shady cryptocurrency schemes, etc.

While in the majority of cases these pop-ups don't infect users' devices with malware, they can cause direct monetary loss or could result in identity theft.

Cybercriminals strive to create their rogue pop-up windows to look trustworthy, however, scams typically have the following characteristics:

• Spelling mistakes and non-professional images - Closely inspect the information displayed in a pop-up. Spelling mistakes and unprofessional images could be a sign of a scam.
• Sense of urgency - Countdown timer with a couple of minutes on it, asking you to enter your personal information or subscribe to some online service.
• Statements that you won something - If you haven't participated in a lottery, online competition, etc., and you see a pop-up window stating that you won.
• Computer or mobile device scan - A pop-up window that scans your device and informs of detected issues - is undoubtedly a scam; webpages cannot perform such actions.
• Exclusivity - Pop-up windows stating that only you are given secret access to a financial scheme that can quickly make you rich.

Example of a pop-up scam:

How do pop-up scams work?

Cybercriminals and deceptive marketers usually use various advertising networks, search engine poisoning techniques, and shady websites to generate traffic to their pop-ups. Users land on their online lures after clicking on fake download buttons, using a torrent website, or simply clicking on an Internet search engine result.

Based on users' location and device information, they are presented with a scam pop-up. Lures presented in such pop-ups range from get-rich-quick schemes to fake virus scans.

How to remove fake pop-ups?

In most cases, pop-up scams do not infect users' devices with malware. If you encountered a scam pop-up, simply closing it should be enough. In some cases scam, pop-ups may be hard to close; in such cases - close your Internet browser and restart it.

In extremely rare cases, you might need to reset your Internet browser. For this, use our instructions explaining how to reset Internet browser settings.

How to prevent fake pop-ups?

To prevent seeing pop-up scams, you should visit only reputable websites. Torrent, Crack, free online movie streaming, YouTube video download, and other websites of similar reputation commonly redirect Internet users to pop-up scams.

To minimize the risk of encountering pop-up scams, you should keep your Internet browsers up-to-date and use reputable anti-malware application. For this purpose, we recommend Combo Cleaner Antivirus for Windows.

What to do if you fell for a pop-up scam?

This depends on the type of scam that you fell for. Most commonly, pop-up scams try to trick users into sending money, giving away personal information, or giving access to one's device.

• If you sent money to scammers: You should contact your financial institution and explain that you were scammed. If informed promptly, there's a chance to get your money back.
• If you gave away your personal information: You should change your passwords and enable two-factor authentication in all online services that you use. Visit Federal Trade Commission to report identity theft and get personalized recovery steps.
• If you let scammers connect to your device: You should scan your computer with reputable anti-malware (we recommend Combo Cleaner Antivirus for Windows) - cyber criminals could have planted trojans, keyloggers, and other malware, don't use your computer until removing possible threats.
• Help other Internet users: report Internet scams to Federal Trade Commission.

Frequently Asked Questions (FAQ)

What is a pop-up scam?

Pop-up scams are messages intended to trick users into performing specific actions. For example, visitors to deceptive sites can be lured into calling fraudulent helplines, disclosing personal information, purchasing untrustworthy software (e.g., fake anti-viruses), installing malware, and so forth.

What is the purpose of a pop-up scam?

Pop-up scams aim to generate revenue for their designers. Profit can be generated through: the sale of users' private data, deceitfully received money (e.g., fake fees, purchase of dubious software, etc.), untrustworthy application promotion, malware proliferation, etc.

Why do I encounter fake pop-ups?

Pop-up scams are displayed on rogue websites, which are typically accessed inadvertently. Most users enter them via mistyped URLs, deceptive browser notifications/ intrusive ads or sites using rogue advertising networks, or even have the scam pages force-opened by harmful software installed onto their devices.

I have allowed cyber criminals to remotely access my computer, what should I do?

If you've allowed cyber criminals access to your device, you have to disconnect it from the Internet first. Afterwards, uninstall the remote access tools you've been asked to install (e.g., TeamViewer, AnyDesk, etc.). You must then use an anti-virus to perform a full system scan, and should malware be detected - immediately remove it.

I have provided my personal information when tricked by a pop-up scam, what should I do?

If the disclosed information was account log-in credentials - immediately change the passwords of all potentially compromised accounts and contact their official support. And if the information was of a different personal nature (e.g., credit card numbers, ID card details, etc.) - contact the relevant authorities without delay.

Will Combo Cleaner protect me from pop-up scams and the malware they proliferate?

Combo Cleaner is capable of scanning visited websites and detecting deceptive/scam and malicious pages. Additionally, it can block further access to these sites. Combo Cleaner can detect threats present on systems and eliminate nearly all known malware infections. However, running a full system scan is crucial - since sophisticated malware tends to hide deep within systems.

▼ Show Discussion