Avoid getting scammed by "YOU ARE THE CHOSEN!" pop-up

Also Known As: YOU ARE THE CHOSEN! pop-up
Distribution: Low
Damage level: Medium

"YOU ARE THE CHOSEN!" removal instructions

What is "YOU ARE THE CHOSEN!"?

"YOU ARE THE CHOSEN!" is a scam, run by deceptive websites. It claims that visitors have been chosen and can win a special reward. It must be emphasized that all scams are intended only to generate revenue for their designers; therefore, they cannot be trusted as doing so can lead to various severe issues. Sites that promote "YOU ARE THE CHOSEN!" and similar scams are typically accessed via redirects caused by intrusive adverts or by PUAs (Potentially Unwanted Applications), already infiltrated into the system.

YOU ARE THE CHOSEN! scam

The first thing visitors to websites running the "YOU ARE THE CHOSEN!" scam see is a pop-up window. It claims that they have been chosen and have a chance of getting a special reward. After this window is closed, users are presented with a "wheel-of-fortune" prize draw. The wheel consists of potential prize images and "1 [more] spin" cells. It may take several spins for the arrow to land on a fake prize and when it does, users are presented with another pop-up. It congratulates them with winning a Venmo gift card. While Venmo is a genuine payment service owned by PayPal, the alleged gift card - is fake. By using the names of legitimate services scams further the impression of their own legitimacy. The text presented in the window urges users to accept the gift, as they supposedly only have five minutes to do so. They are instructed to provide their information in the next page in order to claim the prize. Clicking the "OK" button redirects to another site, which informs visitors that they need to answer a few questions to proceed towards their reward. However, the small print clarifies that they can only receive the prize upon completing unspecified purchase requirements. Afterwards, users are redirected to yet another deceptive/scam webpage. It is strongly advised against trusting the "YOU ARE THE CHOSEN!" scam, as that is highly likely to lead to a wide variety of serious problems.

As mentioned in the introduction one of the main culprits behind redirects to scam websites are PUAs, yet they can open various untrustworthy, rogue, sale-based, compromised and even malicious pages as well. Unwanted apps can also deliver intrusive advertisements, which diminish the browsing experience, cause redirects to dangerous webpages and can stealthily download/install content (e.g. PUAs). Other applications within this category can hijack browsers, limit/deny access to their settings and promote illegitimate search engines. Most PUAs (regardless of their specific abilities) can track data. They can monitor users' browsing habits (URLs visited, search queries typed, etc.) and collect their personal information (IP addresses, geolocations and real-life details). This vulnerable data can then be shared with third parties (potentially, cyber criminals), intent on misusing it for profit. To summarize, PUAs can cause browser/system infiltrations and infections, lead to severe privacy issues, financial losses and even identity theft. To ensure device/user safety - all suspect applications and browser extensions/plug-ins must be removed without delay.

Threat Summary:
Name YOU ARE THE CHOSEN! pop-up
Threat Type Phishing, Scam, Social Engineering, Fraud
Fake Claim Scam claims users can win a prize.
Related Domains adport[.]io
Serving IP Address (adport[.]io) 104.20.171.28
Detection Names (adport[.]io) CRDF (Malicious), Full List Of Detections (VirusTotal)
Symptoms Fake error messages, fake system warnings, pop-up errors, hoax computer scan.
Distribution methods Compromised websites, rogue online pop-up ads, potentially unwanted applications.
Damage Loss of sensitive private information, monetary loss, identity theft, possible malware infections.
Removal

To eliminate YOU ARE THE CHOSEN! pop-up our malware researchers recommend scanning your computer with Spyhunter.
▼ Download Spyhunter
Free scanner checks if your computer is infected. To remove malware, you have to purchase the full version of Spyhunter.

"SPECIAL AWARD FROM OUR SPONSORS", "International promotion of postal services" and "Like Of The Year" are a couple examples of other scams. This scam model (fake prize/award) is most often used to trick users into revealing their personal information (e.g. identity, banking, credit card and similar details) and/or making monetary transactions (e.g. "delivery", "shipping", "packing" fees or other "payments"). Other scam types include warnings that the system is infected, an essential piece of software is outdated/missing, unbelievably good offers and so on. In summary, trusting such schemes can lead to download/installation and/or purchase of nonoperational, untrustworthy or malicious content, financial losses and endangerment of user privacy/safety.

How did potentially unwanted applications install on my computer?

Some PUAs have "official" download pages, which are commonly promoted by deceptive sites. However, they can be downloaded/installed alongside other programs. "Bundling" is the term used to define this false marketing technique of packing ordinary content together with unwanted or malicious software. Rushed download/install processes (e.g. skipped steps and sections, etc.) increase the risk of potential system infiltrations and infections. When clicked on, intrusive ads can execute scripts, designed to download/install PUAs without user consent.

How to avoid installation of potentially unwanted applications?

All products should be researched, prior to download/installation and/or purchase. Only official and verified download sources should be used. Untrustworthy download channels like: free file-hosting websites, Peer-to-Peer sharing networks (BitTorrent, eMule, Gnutella, etc.) and other third party downloaders - are advised against use. When downloading/installing, it is recommended to read terms, explore all available options, use the "Custom/Advanced" settings and opt-out from supplementary apps, tools, features and so on. Intrusive adverts typically appear legitimate and innocuous, however they redirect to unreliable webpages (e.g. pornography, adult-dating, gambling and others). Should users encounter advertisements/redirects of this kind, they are to inspect the device and immediately remove all dubious applications and/or browser extensions/plug-ins form it. If your computer is already infected with PUAs, we recommend running a scan with Spyhunter for Windows to automatically eliminate them.

Text presented in "YOU ARE THE CHOSEN!" scam's initial pop-up:

YOU ARE THE CHOSEN!
You can have a chance to get a special reward! Press 'OK'!

Text presented in the background:

WELCOME
Congratulations, you're Lucky Visitor!

You have been selected to receive a special reward from our sponsors!

Text presented in the pop-up displayed after the wheel stops on "1 spin":

Good Luck
You got (1) Extra Spin!

Screenshot of the pop-up congratulating users on winning:

YOU ARE THE CHOSEN! scam pop-up announcing the win

Text presented in this pop-up:

Congratulations!
Venmo Gift Card is reserved for you! Please HURRY! You have only 5 minutes to claim it! Verify your information on the next page to continue.

Screenshot of the website "YOU ARE THE CHOSEN!" initially redirects to:

YOU ARE THE CHOSEN! scam redirect chain 1

Screenshot of the website redirected to after the previous one:

YOU ARE THE CHOSEN! scam redirect chain 2

The appearance of "YOU ARE THE CHOSEN!" scam (GIF):

YOU ARE THE CHOSEN! scam gif

IMPORTANT NOTE! This deceptive site asks to enable web browser notifications.

Therefore, before commencing, perform these steps:

Google Chrome (PC):

  • Click the Menu button (three dots) on the right upper corner of the screen
  • Select "Settings", scroll down to the bottom and click "Advanced"
  • Scroll down to the "Privacy and security" section, select "Content settings" and then "Notifications"
  • Click three dots on the right hand side of each suspicious URL and click "Block" or "Remove" (if you click "Remove" and visit the malicious site once more, it will ask to enable notifications again)

Disable pop-up' notifications in Google Chrome web browser

Google Chrome (Android):

  • Click on the Menu button (three dots) on the right upper corner of the screen and click "Settings"
  • Scroll down, click on "Site settings" and then "Notifications"
  • In the opened window, locate all suspicious URLs and click on them one-by-one
  • Select "Notifications" in the "Permissions" section and set the toggle button to "OFF"

Disable pop-up' notifications in Android Google Chrome web browser

Mozilla Firefox:

  • Click the Menu button (three bars) on the right upper corner of the screen
  • Select "Options" and click on "Privacy & Security" in the toolbar on the left hand side of the screen
  • Scroll down to the "Permissions" section and click the "Settings" button next to "Notifications"
  • In the opened window, locate all suspicious URLs, click the drop-down menu and select "Block"

Disable pop-up' notifications in Mozilla Firefox web browser

Internet Explorer:

  • Click the Gear button on the right upper corner of the IE window
  • Select "Internet options"
  • Select the "Privacy" tab and click "Settings" under "Pop-up Blocker" section
  • Select suspicious URLs under and remove them one by one by clicking the "Remove" button

Disable pop-up' notifications in Internet Explorer web browser

Microsoft Edge:

  • Click the menu button (three dots) on the right upper corner of the Edge window
  • Scroll down, find and click "Settings"
  • Scroll down again and click "View advanced settings"
  • Click "Manage" under "Website permissions"
  • Click the switch under each suspicious website

Disable pop-up' notifications in Microsoft Edge web browser

Safari (Mac):

  • Click "Safari" button on the left upper corner of the screen and select "Preferences..."
  • Select the "Websites" tab and then select "Notifications" section on the left pane
  • Check for suspicious URLs and apply the "Deny" option for each

Disable pop-up' notifications in Safari web browser

Instant automatic removal of YOU ARE THE CHOSEN! pop-up: Manual threat removal might be a lengthy and complicated process that requires advanced computer skills. Spyhunter is a professional automatic malware removal tool that is recommended to get rid of YOU ARE THE CHOSEN! pop-up. Download it by clicking the button below:
▼ DOWNLOAD Spyhunter By downloading any software listed on this website you agree to our Privacy Policy and Terms of Use. Free scanner checks if your computer is infected. To remove malware, you have to purchase the full version of Spyhunter.

Quick menu:

Removal of potentially unwanted applications:

Windows 7 users:

Accessing Programs and Features (uninstall) in Windows 7

Click Start (Windows Logo at the bottom left corner of your desktop), choose Control Panel. Locate Programs and click Uninstall a program.

Windows XP users:

Accessing Add or Remove Programs in Windows XP

Click Start, choose Settings and click Control Panel. Locate and click Add or Remove Programs.

Windows 10 and Windows 8 users:

Accessing Programs and Features (uninstall) in Windows 8

Right-click in the lower left corner of the screen, in the Quick Access Menu select Control Panel. In the opened window choose Programs and Features.

Mac OSX users:

Uninstall app in OSX (Mac)

Click Finder, in the opened screen select Applications. Drag the app from the Applications folder to the Trash (located in your Dock), then right click the Trash icon and select Empty Trash.

PUAs uninstall via Control Panel

In the uninstall programs window, look for any suspicious/recently-installed applications, select these entries and click "Uninstall" or "Remove".

After uninstalling the potentially unwanted application, scan your computer for any remaining unwanted components or possible malware infections. To scan your computer, use recommended malware removal software.

Remove rogue extensions from Internet browsers:

Video showing how to remove potentially unwanted browser add-ons:

Internet Explorer logoRemove malicious add-ons from Internet Explorer:

Removing rogue extensions from Internet Explorer step 1

Click the "gear" icon Internet Explorer options icon (at the top right corner of Internet Explorer), select "Manage Add-ons". Look for any recently-installed suspicious browser extensions, select these entries and click "Remove".

Removing rogue extensions from Internet Explorer step 2

Optional method:

If you continue to have problems with removal of the you are the chosen! pop-up, reset your Internet Explorer settings to default.

Windows XP users: Click Start, click Run, in the opened window type inetcpl.cpl In the opened window click the Advanced tab, then click Reset.

Resetting Internet Explorer settings to default on Windows XP

Windows Vista and Windows 7 users: Click the Windows logo, in the start search box type inetcpl.cpl and click enter. In the opened window click the Advanced tab, then click Reset.

Resetting Internet Explorer settings to default on Windows 7

Windows 8 users: Open Internet Explorer and click the gear icon. Select Internet Options.

Reseting Internet Explorer settings to default in Windows 8 - accessing

In the opened window, select the Advanced tab.

Resetting Internet Explorer settings to default on Windows 8 - Internet options advanced tab

Click the Reset button.

Resetting Internet Explorer settings to default on Windows 8 - click the Reset button in the Internet options advanced tab

Confirm that you wish to reset Internet Explorer settings to default by clicking the Reset button.

Resetting Internet Explorer settings to default on Windows 8 - confirm settings reset to default by clicking the reset button

Google Chrome logoRemove malicious extensions from Google Chrome:

Removing rogue extensions from Google Chrome step 1

Click the Chrome menu icon Google Chrome menu icon (at the top right corner of Google Chrome), select "More tools" and click "Extensions". Locate all recently-installed suspicious browser add-ons and remove them.

Removing rogue extensions from Google Chrome step 2

Optional method:

If you continue to have problems with removal of the you are the chosen! pop-up, reset your Google Chrome browser settings. Click the Chrome menu icon Google Chrome menu icon (at the top right corner of Google Chrome) and select Settings. Scroll down to the bottom of the screen. Click the Advanced… link.

Google Chrome settings reset step 1

After scrolling to the bottom of the screen, click the Reset (Restore settings to their original defaults) button.

Google Chrome settings reset step 2

In the opened window, confirm that you wish to reset Google Chrome settings to default by clicking the Reset button.

Google Chrome settings reset step 3

Mozilla Firefox logoRemove malicious plugins from Mozilla Firefox:

Removing rogue extensions from Mozilla Firefox step 1

Click the Firefox menu firefox menu icon (at the top right corner of the main window), select "Add-ons". Click on "Extensions", in the opened window remove all recently-installed suspicious browser plug-ins.

Removing rogue extensions from Mozilla Firefox step 2

Optional method:

Computer users who have problems with you are the chosen! pop-up removal can reset their Mozilla Firefox settings.

Open Mozilla Firefox, at the top right corner of the main window, click the Firefox menu, firefox menu icon in the opened menu, click Help.

Accessing settings (Reset Firefox to default settings step 1)

Select Troubleshooting Information.

Accessing Troubleshooting Information (Reset Firefox to default settings step 2)

In the opened window, click the Refresh Firefox button.

Clicking on Refresh Firefox button (Reset Firefox to default settings step 3)

In the opened window, confirm that you wish to reset Mozilla Firefox settings to default by clicking the Refresh Firefox button.

Confirm your want to reset Firefox settings to default (Reset Firefox to default settings step 4)

safari browser logoRemove malicious extensions from Safari:

removing adware from safari step 1 - accessing preferences

Make sure your Safari browser is active, click Safari menu, and select Preferences....

removing adware from safari step 2 - removing extensions

In the opened window click Extensions, locate any recently installed suspicious extension, select it and click Uninstall.

Optional method:

Make sure your Safari browser is active and click on Safari menu. From the drop down menu select Clear History and Website Data...

resetting safari step 1

In the opened window select all history and click the Clear History button.

resetting safari step 2

Microsoft Edge (Chromium) logoRemove malicious extensions from Microsoft Edge:

Removing adware from Microsoft Edge step 1

Click the Edge menu icon Microsoft Edge (chromium) menu icon (at the upper-right corner of Microsoft Edge), select "Extensions". Locate all recently-installed suspicious browser add-ons and click "Remove" below their names.

Removing adware from Microsoft Edge step 2

Optional method:

If you continue to have problems with removal of the you are the chosen! pop-up, reset your Microsoft Edge browser settings. Click the Edge menu icon Microsoft Edge (chromium) menu icon (at the top right corner of Microsoft Edge) and select Settings.

Microsoft Edge (Chromium) reset step 1

In the opened settings menu select Reset settings.

Microsoft Edge (Chromium) reset step 2

Select Restore settings to their default values. In the opened window, confirm that you wish to reset Microsoft Edge settings to default by clicking the Reset button.

Microsoft Edge (Chromium) reset step 3

  • If this did not help, follow these alternative instructions explaining how to reset the Microsoft Edge browser.

Summary:

declining installation of adware while downloading free software sampleCommonly, adware or potentially unwanted applications infiltrate Internet browsers through free software downloads. Note that the safest source for downloading free software is via developers' websites only. To avoid installation of adware, be very attentive when downloading and installing free software. When installing previously-downloaded free programs, choose the custom or advanced installation options – this step will reveal any potentially unwanted applications listed for installation together with your chosen free program.

Removal assistance:
If you are experiencing problems while trying to remove you are the chosen! pop-up from your computer, please ask for assistance in our malware support forum.

Post a comment:
If you have additional information on you are the chosen! pop-up or it's removal please share your knowledge in the comments section below.

About the author:

Tomas Meskauskas

Tomas Meskauskas - expert security researcher, professional malware analyst.

I am passionate about computer security and technology. I have an experience of over 10 years working in various companies related to computer technical issue solving and Internet security. I have been working as an author and editor for pcrisk.com since 2010. Follow me on Twitter and LinkedIn to stay informed about the latest online security threats. Contact Tomas Meskauskas.

PCrisk security portal is brought by a company RCS LT. Joined forces of security researchers help educate computer users about the latest online security threats. More information about the company RCS LT.

Our malware removal guides are free. However, if you want to support us you can send us a donation.

Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

QR Code
YOU ARE THE CHOSEN! pop-up QR code
A QR code (Quick Response Code) is a machine-readable code which stores URLs and other information. This code can be read using a camera on a smartphone or a tablet. Scan this QR code to have an easy access removal guide of YOU ARE THE CHOSEN! pop-up on your mobile device.
We Recommend:

Get rid of YOU ARE THE CHOSEN! pop-up today:

▼ REMOVE IT NOW with Spyhunter

Platform: Windows

Editors' Rating for Spyhunter:
Editors ratingOutstanding!

[Back to Top]

Free scanner checks if your computer is infected. To remove malware, you have to purchase the full version of Spyhunter.