What is "Windows Defender Browser Protection"?
"Windows Defender Browser Protection" is a technical support scam. This scam model operates by warning of potential/detected infections and urging users to contact a 'legitimate' support service. The "Windows Defender Browser Protection" scheme is run on various deceptive websites.
It claims that the browser has been compromised and immediate actions are necessary.
Note that no site can detect the presence of infections on systems, and therefore any that make such statements are undoubtedly scams. Visitors to these deceptive web pages rarely access them intentionally - they are usually redirected by intrusive advertisements or Potentially Unwanted Applications (PUAs) already infiltrated into the device.
The scam informs users that the "Windows" security system has detected attempts to stealthily exfiltrate data from their browsers. The targeted information included financial data, such as banking account credentials and associated details.
This supposed data theft has been prevented, however, it is recommended that users block all related accounts and take other unspecified security measures. It is also added that despite the success of the prevention measures, it is unclear whether other private information has been compromised and/or is still at risk.
Furthermore, this alleged virus may have damaged the system and it is thus necessary to check its health and stability. Therefore, the scam states that users must contact "Microsoft service center support" and provides the relevant telephone numbers for this purpose.
The risk of calling fraudulent technical support lines is that they are typically very expensive (despite often being indicated as "free"). These scammers cannot actually provide 'tech support', since all information presented by the respective scams is false.
Additionally, under the guise of genuine technicians, the cyber criminals may ask to run checks and/or fix the issues manually, hence gaining access to the system. To summarize, trusting "Windows Defender Browser Protection" and other similar schemes can lead to various infiltration and infections, financial loss, serious privacy issues and even identity theft.
Deceptive web pages can sometimes execute scripts to prevent users from closing them. In these cases, Task Manger must be used to end the browser process. Note that the next time the browser is opened, it is important not to restore the previous session, as doing so will reopen the malicious site.
As mentioned in the introduction, deceptive/scam web pages are commonly force-opened by PUAs. These applications can also open sale-oriented, rogue, untrusted, compromised and malicious pages. As well as causing redirects, unwanted apps also have various other capabilities.
They can function as adware - i.e., deliver intrusive advertisements (e.g. banners, pop-ups, surveys, coupons, etc.). Other PUAs classified as browser hijackers can modify browser settings, restrict/deny access to them and promote fake search engines. Regardless of their specific capabilities, most PUAs track data.
They can monitor browsing activity (URLs visited, search queries typed, etc.) and gather personal information (IP address, geolocations and other details).
This private data is often shared with third parties (potentially, cyber criminals) seeking to generate revenue. Therefore, the presence of PUAs on systems can endanger device integrity and user safety. You are strongly advised to remove all dubious applications and/or browser extensions/plug-ins immediately upon detection.
|Name||Windows Defender Browser Protection tech support scam|
|Threat Type||Phishing, Scam, Social Engineering, Fraud.|
|Fake Claim||Scam claims users' browsers have been compromised and that their private data is at risk.|
|Tech Support Scammer Phone Number||+1 (570) 844-2039|
|Symptoms||Fake error messages, fake system warnings, pop-up errors, hoax computer scan.|
|Distribution methods||Compromised websites, rogue online pop-up ads, potentially unwanted applications.|
|Damage||Loss of sensitive private information, monetary loss, identity theft, possible malware infections.|
|Malware Removal (Windows)||
To eliminate possible malware infections, scan your computer with legitimate antivirus software. Our security researchers recommend using Combo Cleaner.
"VIRAL ALARM OF MICROSOFT", "Windows is not activated" and "CRITICAL_PROCESS_DIED" are examples of other technical support scams, however, there are many other popular models, such as alerts of outdated and/or missing software, prize giveaways, 'amazing' offers, etc.
Social engineering and scare tactics are used to further these schemes. The purpose might be to trick users into: calling expensive numbers; downloading/installing and/or purchasing nonoperational, untrusted or malicious content; revealing personal information (e.g. identity, banking, credit card details, etc.); making monetary transactions, various fees/payments, and so on.
How did potentially unwanted applications install on my computer?
PUAs proliferate via the download/installation set-ups of other programs. This deceptive marketing tactic of pre-packing normal content with unwanted or malicious software is called 'bundling'. Rushing download/installation processes (e.g. skipping steps and sections, etc.) increases the risk of unintentionally allowing bundled applications onto the system.
Certain PUAs have "official" promotional sites, from which they can be downloaded. Intrusive ads also proliferate these apps. When an intrusive advertisement is clicked, it can execute scripts to download/install PUAs without users' permission.
How to avoid installation of potentially unwanted applications
Research all content prior to download/installation. Use only official and verified download channels. P2P sharing networks (BitTorrent, eMule, Gnutella, etc.), free file-hosting websites and other third party downloaders are untrustworthy and should be avoided.
When downloading/installing, it is important to read the terms, study all possible options, use the "Custom/Advanced" settings and opt-out of supplementary apps, tools, features and so on. Intrusive may seem legitimate, however, they cause redirects to dubious web pages (e.g. gambling, pornography, adult-dating, etc.).
If you encounter these advertisements/redirects, inspect the device and remove all suspicious applications and/or browser extensions/plug-ins immediately. If your computer is already infected with PUAs, we recommend running a scan with Combo Cleaner Antivirus for Windows to automatically eliminate them.
Text presented by "Windows Defender Browser Protection" scam:
Windows Defender Browser Protection
Stop code: Mozilla Firefox Detect Malware | Error Report
Security system has detected the threatening attempt to gain access to your bank logins and related data, but this dangerous connection was blocked with Firewall and further data leaks was prevented.
We strongly recommended you to perform temporary block of all of your accounts, and take some necessary security measures.
Despite the timely blocking of the connection, there is still a serious threat of private data stealth.
Please, don t wait to respond, every minute is important!
There is possibility that virus already hurt your disks or destroyed and stole its data.
It is reason for checking current system security and verifying its stability.
Do not spend your time and immediately call us or contact our service center support.
Contact Microsoft Support:
+1 (570) 844-2039
We are waiting for your rapid responce to help you.
Please contact our administration to solve this issue.
Call Help Desk:
+1 (570) 844-2039
Instant automatic malware removal:
Manual threat removal might be a lengthy and complicated process that requires advanced IT skills. Combo Cleaner is a professional automatic malware removal tool that is recommended to get rid of malware. Download it by clicking the button below:
- What is Windows Defender Browser Protection tech support scam?
- How to identify a pop-up scam?
- How do pop-up scams work?
- How to remove fake pop-ups?
- How to prevent fake pop-ups?
- What to do if you fell for a pop-up scam?
How to identify a pop-up scam?
Pop-up windows with various fake messages are a common type of lures cybercriminals use. They collect sensitive personal data, trick Internet users into calling fake tech support numbers, subscribe to useless online services, invest in shady cryptocurrency schemes, etc.
While in the majority of cases these pop-ups don't infect users' devices with malware, they can cause direct monetary loss or could result in identity theft.
Cybercriminals strive to create their rogue pop-up windows to look trustworthy, however, scams typically have the following characteristics:
- Spelling mistakes and non-professional images - Closely inspect the information displayed in a pop-up. Spelling mistakes and unprofessional images could be a sign of a scam.
- Sense of urgency - Countdown timer with a couple of minutes on it, asking you to enter your personal information or subscribe to some online service.
- Statements that you won something - If you haven't participated in a lottery, online competition, etc., and you see a pop-up window stating that you won.
- Computer or mobile device scan - A pop-up window that scans your device and informs of detected issues - is undoubtedly a scam; webpages cannot perform such actions.
- Exclusivity - Pop-up windows stating that only you are given secret access to a financial scheme that can quickly make you rich.
Example of a pop-up scam:
How do pop-up scams work?
Cybercriminals and deceptive marketers usually use various advertising networks, search engine poisoning techniques, and shady websites to generate traffic to their pop-ups. Users land on their online lures after clicking on fake download buttons, using a torrent website, or simply clicking on an Internet search engine result.
Based on users' location and device information, they are presented with a scam pop-up. Lures presented in such pop-ups range from get-rich-quick schemes to fake virus scans.
How to remove fake pop-ups?
In most cases, pop-up scams do not infect users' devices with malware. If you encountered a scam pop-up, simply closing it should be enough. In some cases scam, pop-ups may be hard to close; in such cases - close your Internet browser and restart it.
In extremely rare cases, you might need to reset your Internet browser. For this, use our instructions explaining how to reset Internet browser settings.
How to prevent fake pop-ups?
To prevent seeing pop-up scams, you should visit only reputable websites. Torrent, Crack, free online movie streaming, YouTube video download, and other websites of similar reputation commonly redirect Internet users to pop-up scams.
To minimize the risk of encountering pop-up scams, you should keep your Internet browsers up-to-date and use reputable anti-malware application. For this purpose, we recommend Combo Cleaner Antivirus for Windows.
What to do if you fell for a pop-up scam?
This depends on the type of scam that you fell for. Most commonly, pop-up scams try to trick users into sending money, giving away personal information, or giving access to one's device.
- If you sent money to scammers: You should contact your financial institution and explain that you were scammed. If informed promptly, there's a chance to get your money back.
- If you gave away your personal information: You should change your passwords and enable two-factor authentication in all online services that you use. Visit Federal Trade Commission to report identity theft and get personalized recovery steps.
- If you let scammers connect to your device: You should scan your computer with reputable anti-malware (we recommend Combo Cleaner Antivirus for Windows) - cyber criminals could have planted trojans, keyloggers, and other malware, don't use your computer until removing possible threats.
- Help other Internet users: report Internet scams to Federal Trade Commission.