FacebookTwitterLinkedIn

Avoid being scammed by "Windows Defender Browser Protection"

Also Known As: Windows Defender Browser Protection tech support scam
Type: Phishing/Scam
Damage level: Medium

Tomas Meskauskas Written by on (updated)

What is "Windows Defender Browser Protection"?

"Windows Defender Browser Protection" is a technical support scam. This scam model operates by warning of potential/detected infections and urging users to contact a 'legitimate' support service. The "Windows Defender Browser Protection" scheme is run on various deceptive websites.

It claims that the browser has been compromised and immediate actions are necessary.

Note that no site can detect the presence of infections on systems, and therefore any that make such statements are undoubtedly scams. Visitors to these deceptive web pages rarely access them intentionally - they are usually redirected by intrusive advertisements or Potentially Unwanted Applications (PUAs) already infiltrated into the device.

Windows Defender Browser Protection scam

The scam informs users that the "Windows" security system has detected attempts to stealthily exfiltrate data from their browsers. The targeted information included financial data, such as banking account credentials and associated details.

This supposed data theft has been prevented, however, it is recommended that users block all related accounts and take other unspecified security measures. It is also added that despite the success of the prevention measures, it is unclear whether other private information has been compromised and/or is still at risk.

Furthermore, this alleged virus may have damaged the system and it is thus necessary to check its health and stability. Therefore, the scam states that users must contact "Microsoft service center support" and provides the relevant telephone numbers for this purpose.

The risk of calling fraudulent technical support lines is that they are typically very expensive (despite often being indicated as "free"). These scammers cannot actually provide 'tech support', since all information presented by the respective scams is false.

Additionally, under the guise of genuine technicians, the cyber criminals may ask to run checks and/or fix the issues manually, hence gaining access to the system. To summarize, trusting "Windows Defender Browser Protection" and other similar schemes can lead to various infiltration and infections, financial loss, serious privacy issues and even identity theft.

Deceptive web pages can sometimes execute scripts to prevent users from closing them. In these cases, Task Manger must be used to end the browser process. Note that the next time the browser is opened, it is important not to restore the previous session, as doing so will reopen the malicious site.

As mentioned in the introduction, deceptive/scam web pages are commonly force-opened by PUAs. These applications can also open sale-oriented, rogue, untrusted, compromised and malicious pages. As well as causing redirects, unwanted apps also have various other capabilities.

They can function as adware - i.e., deliver intrusive advertisements (e.g. banners, pop-ups, surveys, coupons, etc.). Other PUAs classified as browser hijackers can modify browser settings, restrict/deny access to them and promote fake search engines. Regardless of their specific capabilities, most PUAs track data.

They can monitor browsing activity (URLs visited, search queries typed, etc.) and gather personal information (IP address, geolocations and other details).

This private data is often shared with third parties (potentially, cyber criminals) seeking to generate revenue. Therefore, the presence of PUAs on systems can endanger device integrity and user safety. You are strongly advised to remove all dubious applications and/or browser extensions/plug-ins immediately upon detection.

Threat Summary:
Name Windows Defender Browser Protection tech support scam
Threat Type Phishing, Scam, Social Engineering, Fraud.
Fake Claim Scam claims users' browsers have been compromised and that their private data is at risk.
Tech Support Scammer Phone Number +1 (570) 844-2039
Symptoms Fake error messages, fake system warnings, pop-up errors, hoax computer scan.
Distribution methods Compromised websites, rogue online pop-up ads, potentially unwanted applications.
Damage Loss of sensitive private information, monetary loss, identity theft, possible malware infections.
Malware Removal (Windows)

To eliminate possible malware infections, scan your computer with legitimate antivirus software. Our security researchers recommend using Combo Cleaner.
▼ Download Combo Cleaner
To use full-featured product, you have to purchase a license for Combo Cleaner. 7 days free trial available. Combo Cleaner is owned and operated by Rcs Lt, the parent company of PCRisk.com read more.

"VIRAL ALARM OF MICROSOFT", "Windows is not activated" and "CRITICAL_PROCESS_DIED" are examples of other technical support scams, however, there are many other popular models, such as alerts of outdated and/or missing software, prize giveaways, 'amazing' offers, etc.

Social engineering and scare tactics are used to further these schemes. The purpose might be to trick users into: calling expensive numbers; downloading/installing and/or purchasing nonoperational, untrusted or malicious content; revealing personal information (e.g. identity, banking, credit card details, etc.); making monetary transactions, various fees/payments, and so on.

How did potentially unwanted applications install on my computer?

PUAs proliferate via the download/installation set-ups of other programs. This deceptive marketing tactic of pre-packing normal content with unwanted or malicious software is called 'bundling'. Rushing download/installation processes (e.g. skipping steps and sections, etc.) increases the risk of unintentionally allowing bundled applications onto the system.

Certain PUAs have "official" promotional sites, from which they can be downloaded. Intrusive ads also proliferate these apps. When an intrusive advertisement is clicked, it can execute scripts to download/install PUAs without users' permission.

How to avoid installation of potentially unwanted applications

Research all content prior to download/installation. Use only official and verified download channels. P2P sharing networks (BitTorrent, eMule, Gnutella, etc.), free file-hosting websites and other third party downloaders are untrustworthy and should be avoided.

When downloading/installing, it is important to read the terms, study all possible options, use the "Custom/Advanced" settings and opt-out of supplementary apps, tools, features and so on. Intrusive may seem legitimate, however, they cause redirects to dubious web pages (e.g. gambling, pornography, adult-dating, etc.).

If you encounter these advertisements/redirects, inspect the device and remove all suspicious applications and/or browser extensions/plug-ins immediately. If your computer is already infected with PUAs, we recommend running a scan with Combo Cleaner Antivirus for Windows to automatically eliminate them.

Text presented by "Windows Defender Browser Protection" scam:

Windows Defender Browser Protection
Stop code: Mozilla Firefox Detect Malware | Error Report

Security system has detected the threatening attempt to gain access to your bank logins and related data, but this dangerous connection was blocked with Firewall and further data leaks was prevented.
We strongly recommended you to perform temporary block of all of your accounts, and take some necessary security measures.
Despite the timely blocking of the connection, there is still a serious threat of private data stealth.
Please, don t wait to respond, every minute is important!
There is possibility that virus already hurt your disks or destroyed and stole its data.
It is reason for checking current system security and verifying its stability.
Do not spend your time and immediately call us or contact our service center support.

----------------------
Contact Microsoft Support:
+1 (570) 844-2039
----------------------
We are waiting for your rapid responce to help you.
Please contact our administration to solve this issue.
Call Help Desk:
+1 (570) 844-2039

Instant automatic malware removal: Manual threat removal might be a lengthy and complicated process that requires advanced IT skills. Combo Cleaner is a professional automatic malware removal tool that is recommended to get rid of malware. Download it by clicking the button below:
 ▼ DOWNLOAD Combo Cleaner By downloading any software listed on this website you agree to our Privacy Policy and Terms of Use. To use full-featured product, you have to purchase a license for Combo Cleaner. 7 days free trial available. Combo Cleaner is owned and operated by Rcs Lt, the parent company of PCRisk.com read more.

Quick menu:

How to identify a pop-up scam?

Pop-up windows with various fake messages are a common type of lures cybercriminals use. They collect sensitive personal data, trick Internet users into calling fake tech support numbers, subscribe to useless online services, invest in shady cryptocurrency schemes, etc.

While in the majority of cases these pop-ups don't infect users' devices with malware, they can cause direct monetary loss or could result in identity theft.

Cybercriminals strive to create their rogue pop-up windows to look trustworthy, however, scams typically have the following characteristics:

  • Spelling mistakes and non-professional images - Closely inspect the information displayed in a pop-up. Spelling mistakes and unprofessional images could be a sign of a scam.
  • Sense of urgency - Countdown timer with a couple of minutes on it, asking you to enter your personal information or subscribe to some online service.
  • Statements that you won something - If you haven't participated in a lottery, online competition, etc., and you see a pop-up window stating that you won.
  • Computer or mobile device scan - A pop-up window that scans your device and informs of detected issues - is undoubtedly a scam; webpages cannot perform such actions.
  • Exclusivity - Pop-up windows stating that only you are given secret access to a financial scheme that can quickly make you rich.

Example of a pop-up scam:

Example of a pop-up scam

How do pop-up scams work?

Cybercriminals and deceptive marketers usually use various advertising networks, search engine poisoning techniques, and shady websites to generate traffic to their pop-ups. Users land on their online lures after clicking on fake download buttons, using a torrent website, or simply clicking on an Internet search engine result.

Based on users' location and device information, they are presented with a scam pop-up. Lures presented in such pop-ups range from get-rich-quick schemes to fake virus scans.

How to remove fake pop-ups?

In most cases, pop-up scams do not infect users' devices with malware. If you encountered a scam pop-up, simply closing it should be enough. In some cases scam, pop-ups may be hard to close; in such cases - close your Internet browser and restart it.

In extremely rare cases, you might need to reset your Internet browser. For this, use our instructions explaining how to reset Internet browser settings.

How to prevent fake pop-ups?

To prevent seeing pop-up scams, you should visit only reputable websites. Torrent, Crack, free online movie streaming, YouTube video download, and other websites of similar reputation commonly redirect Internet users to pop-up scams.

To minimize the risk of encountering pop-up scams, you should keep your Internet browsers up-to-date and use reputable anti-malware application. For this purpose, we recommend Combo Cleaner Antivirus for Windows.

What to do if you fell for a pop-up scam?

This depends on the type of scam that you fell for. Most commonly, pop-up scams try to trick users into sending money, giving away personal information, or giving access to one's device.

  • If you sent money to scammers: You should contact your financial institution and explain that you were scammed. If informed promptly, there's a chance to get your money back.
  • If you gave away your personal information: You should change your passwords and enable two-factor authentication in all online services that you use. Visit Federal Trade Commission to report identity theft and get personalized recovery steps.
  • If you let scammers connect to your device: You should scan your computer with reputable anti-malware (we recommend Combo Cleaner Antivirus for Windows) - cyber criminals could have planted trojans, keyloggers, and other malware, don't use your computer until removing possible threats.
  • Help other Internet users: report Internet scams to Federal Trade Commission.

▼ Show Discussion

About the author:

Tomas Meskauskas

Tomas Meskauskas - expert security researcher, professional malware analyst.

I am passionate about computer security and technology. I have an experience of over 10 years working in various companies related to computer technical issue solving and Internet security. I have been working as an author and editor for pcrisk.com since 2010. Follow me on Twitter and LinkedIn to stay informed about the latest online security threats. Contact Tomas Meskauskas.

PCrisk security portal is brought by a company RCS LT. Joined forces of security researchers help educate computer users about the latest online security threats. More information about the company RCS LT.

Our malware removal guides are free. However, if you want to support us you can send us a donation.

About PCrisk

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

New Removal Guides
Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Top Removal Guides
QR Code
Windows Defender Browser Protection tech support scam QR code
Scan this QR code to have an easy access removal guide of Windows Defender Browser Protection tech support scam on your mobile device.
We Recommend:

Get rid of Windows malware infections today:

▼ REMOVE IT NOW
Download Combo Cleaner

Platform: Windows

Editors' Rating for Combo Cleaner:
Editors ratingOutstanding!

[Back to Top]

To use full-featured product, you have to purchase a license for Combo Cleaner. 7 days free trial available. Combo Cleaner is owned and operated by Rcs Lt, the parent company of PCRisk.com read more.