What is "VIRAL ALARM OF MICROSOFT"?
"VIRAL ALARM OF MICROSOFT" is a fake alert, displayed by deceptive, rogue websites. It is used to scare users into thinking that their computer is blocked, due to a variety of issues. It promotes fraudulent Microsoft Windows technical support, which if used will eventually require payment.
In most cases, such dubious sites are opened by PUAs (potentially unwanted applications) already present in the device. These apps do not need express user permission to be installed onto their systems.
They operate by generating redirects to untrustworthy and potentially malicious websites (for example, ones that display messages like "VIRAL ALARM OF MICROSOFT"), also by delivering intrusive advertisement campaigns and spying on users' browsing activity.
Once accessed, this website displays a pop-up window - an alarm from "Microsoft". This fraudulent alert implores users not to close the window/site and not to restart their computers, due to the registry key being blocked.
Then it lists the reasons why the key is blocked: Windows OS (operating system) was registered using an illegal/pirated key, there is illegitimate software on the system and/or it is spreading viruses over the Internet, the device has been overtaken/hacked from an undefined location.
The scam then continues to urge users to contact its "free" tech support and/or enter the registration key, in order to unblock the computer. Typically, when such fake supports are contacted they take users through meandering paths of technobabble intended to result in users paying for the imaginary services provided.
In short, scams like "VIRAL ALARM OF MICROSOFT" are used to extort money from people. If such fake alerts cannot be closed the usual way (by closing the browser tab/window), the Task Manager should be used to end the browser process.
When reopening the browser in question, the previous session should not be restored - since it will also reopen the scam page (or cause the site that redirected to it before, to do so again).
As previously stated PUAs can force-open new browser tabs/window and redirect users to untrustworthy and potentially malicious websites. They can also run invasive advertisement campaigns (pop-ups, banners, coupons, surveys and similar). By employing a variety of tools, unwanted applications enable third party graphical content.
Consequently, the adverts delivered can seriously diminish browsing quality; limit browsing speed and site visibility (by overlaying the original content).
Additionally, the ads themselves are deemed a safety hazard; due to the type of websites they redirect to (unreliable/compromised/malicious) and their ability to execute scripts, designed to make autonomous downloads/installs of rogue apps. Some PUAs also have data tracking abilities.
By tracking users' browsing habits, they can gather their personal information (IP address, geolocation and real-life identity details). What is important to know, is that this data is then shared with third parties (possibly, cyber criminals), intent on misusing it to generate revenue.
Therefore, PUAs can cause various browser and system invasions/infections, as well as lead to severe privacy issues (even identity theft). To ensure device integrity and user safety, all dubious applications must be removed immediately
|Name||Windows Support Alarm tech support scam|
|Threat Type||Phishing, Scam, Social Engineering, Fraud|
|Fake Claim||The error message claims that the system has been blocked due to security reasons and encourages users to contact fake Microsoft tech support.|
|Tech Support Scammer Phone Number||+1-833-272-0272|
|Serving IP Address (web-web-tec-host-err[.]xyz)||220.127.116.11|
|Detection Names (web-web-tec-host-err[.]xyz)||Kaspersky (Malware), Forcepoint ThreatSeeker (Suspicious), Full List Of Detections (VirusTotal)|
|Symptoms||Fake error messages, fake system warnings, pop-up errors, hoax computer scan.|
|Distribution methods||Compromised websites, rogue online pop-up ads, potentially unwanted applications.|
|Damage||Loss of sensitive private information, monetary loss, identity theft, possible malware infections.|
|Malware Removal (Windows)||
To eliminate possible malware infections, scan your computer with legitimate antivirus software. Our security researchers recommend using Combo Cleaner.
PUAs are innumerous and most share certain traits between them. They often offer some sort of "useful" and "advantageous" features. However, most of them are nonfunctional and if not, they rarely operate as advertised. Furthermore, the Internet is rife with various deceitful and scam websites.
They usually display fraudulent system alarms, virus and error alerts, as well as other fake warnings meant to frighten users into paying for having their devices "fixed". Similar scams to "VIRAL ALARM OF MICROSOFT", include "Virus Support Alert", "Windows is not activated", "This computer is blocked" and many others.
Such sites and scams are mostly used by cyber criminals, seeking financial gain through offers of various services or software.
How did potentially unwanted applications install on my computer?
PUAs can be inadvertently installed by users themselves or without their consent/knowledge. Undesirable applications can be downloaded from their websites. They can also be installed alongside intended programs. "Bundling" is a false marketing tactic, by which regular software is pre-packed with PUAs.
Inattentive and rushed installations (e.g. ignoring terms, skipping steps, etc.) can also endanger systems to undesirable invasions. PUAs also proliferate through invasive adverts, which when clicked, can execute scripts to download/uninstall them.
How to avoid installation of potentially unwanted applications?
It is strongly recommended to use only official and verified sources for downloading software, as opposed to third party downloaders. When installing programs, it is advised to read terms and explore possible options, to ensure that the installed programs are legitimate and will behave appropriately.
Additionally, users should use "Custom/Advanced" settings and opt-out from all supplementary apps/features. When browsing, users should refrain from clicking on suspicious ads and avoid visiting likewise suspect websites.
Intrusive advertisements can look ordinary and harmless, however the sites they redirect to (gambling, pornography, adult-dating, etc.) can be a dead giveaway.
Should users encounter such ads/redirects, they are recommended to check their device and remove all dubious applications and browser extensions/plug-ins. If your computer is already infected with PUAs, we recommend running a scan with Combo Cleaner Antivirus for Windows to automatically eliminate them.
Text presented in "VIRAL ALARM OF MICROSOFT" pop-up:
VIRAL ALARM OF MICROSOFT
***This computer is BLOCKED***
Do not close this window and restart your computer
The registry key on your computer is Blocked.
Why did we block your computer?
The registry key of the window is illegal.
This window uses pirated software.
This window sends virus over the internet.
This window is hacked or used from undefined location.
We block this computer for your safety.
Contact Windows helpline to wake up your computer.
Enter Windows registration key to unlock or call
Windows Support alarm
Your System Has Discovered An Unusual Activity.
It could harm your computer data and your financial activities.
Please report this activity an +1-833-272-0272
The appearance of "VIRAL ALARM OF MICROSOFT" pop-up (GIF):
Instant automatic malware removal:
Manual threat removal might be a lengthy and complicated process that requires advanced IT skills. Combo Cleaner is a professional automatic malware removal tool that is recommended to get rid of malware. Download it by clicking the button below:
- What is Windows Support Alarm tech support scam?
- How to identify a pop-up scam?
- How do pop-up scams work?
- How to remove fake pop-ups?
- How to prevent fake pop-ups?
- What to do if you fell for a pop-up scam?
How to identify a pop-up scam?
Pop-up windows with various fake messages are a common type of lures cybercriminals use. They collect sensitive personal data, trick Internet users into calling fake tech support numbers, subscribe to useless online services, invest in shady cryptocurrency schemes, etc.
While in the majority of cases these pop-ups don't infect users' devices with malware, they can cause direct monetary loss or could result in identity theft.
Cybercriminals strive to create their rogue pop-up windows to look trustworthy, however, scams typically have the following characteristics:
- Spelling mistakes and non-professional images - Closely inspect the information displayed in a pop-up. Spelling mistakes and unprofessional images could be a sign of a scam.
- Sense of urgency - Countdown timer with a couple of minutes on it, asking you to enter your personal information or subscribe to some online service.
- Statements that you won something - If you haven't participated in a lottery, online competition, etc., and you see a pop-up window stating that you won.
- Computer or mobile device scan - A pop-up window that scans your device and informs of detected issues - is undoubtedly a scam; webpages cannot perform such actions.
- Exclusivity - Pop-up windows stating that only you are given secret access to a financial scheme that can quickly make you rich.
Example of a pop-up scam:
How do pop-up scams work?
Cybercriminals and deceptive marketers usually use various advertising networks, search engine poisoning techniques, and shady websites to generate traffic to their pop-ups. Users land on their online lures after clicking on fake download buttons, using a torrent website, or simply clicking on an Internet search engine result.
Based on users' location and device information, they are presented with a scam pop-up. Lures presented in such pop-ups range from get-rich-quick schemes to fake virus scans.
How to remove fake pop-ups?
In most cases, pop-up scams do not infect users' devices with malware. If you encountered a scam pop-up, simply closing it should be enough. In some cases scam, pop-ups may be hard to close; in such cases - close your Internet browser and restart it.
In extremely rare cases, you might need to reset your Internet browser. For this, use our instructions explaining how to reset Internet browser settings.
How to prevent fake pop-ups?
To prevent seeing pop-up scams, you should visit only reputable websites. Torrent, Crack, free online movie streaming, YouTube video download, and other websites of similar reputation commonly redirect Internet users to pop-up scams.
To minimize the risk of encountering pop-up scams, you should keep your Internet browsers up-to-date and use reputable anti-malware application. For this purpose, we recommend Combo Cleaner Antivirus for Windows.
What to do if you fell for a pop-up scam?
This depends on the type of scam that you fell for. Most commonly, pop-up scams try to trick users into sending money, giving away personal information, or giving access to one's device.
- If you sent money to scammers: You should contact your financial institution and explain that you were scammed. If informed promptly, there's a chance to get your money back.
- If you gave away your personal information: You should change your passwords and enable two-factor authentication in all online services that you use. Visit Federal Trade Commission to report identity theft and get personalized recovery steps.
- If you let scammers connect to your device: You should scan your computer with reputable anti-malware (we recommend Combo Cleaner Antivirus for Windows) - cyber criminals could have planted trojans, keyloggers, and other malware, don't use your computer until removing possible threats.
- Help other Internet users: report Internet scams to Federal Trade Commission.