How to remove redirects to the guesstimateds.com scam website
Written by Tomas Meskauskas on (updated)
What is guesstimateds[.]com?
guesstimateds[.]com is a rogue website running various scams. The researched variant claims that, by completing a short survey, users can win a prize. These schemes are typically designed for phishing purposes. I.e., by offering fake prizes, they attempt to extort personal information and/or otherwise abuse people's trust.
Few visitors to guesstimateds[.]com access it intentionally - most are redirected to the site by intrusive ads or Potentially Unwanted Applications (PUAs).
These apps do not need express permission to be installed onto devices. Following successful infiltration, however, they cause redirects, run intrusive advertisement campaigns, hijack browsers and track browsing-related data.
The scam promoted by guesstimateds[.]com states that visitors have been randomly selected to participate in a survey. This questionnaire is brief and, following completion, users supposedly have the chance to win a Samsung Galaxy S10+. Allegedly, this giveaway takes place each Tuesday, and ten participants win "awesome" prizes.
The winners are selected based on their geolocations (i.e., ten users from a certain region). The survey consists of four multi-choice questions concerning gender, age, location and whether people have previously purchased a Samsung Galaxy S10+. After this, users are presented with graphical renditions of gifts and are granted several attempts to select a "lucky gift-box".
After the draw, users are instructed that they have the chance to win the promised device. By following further instructions, they are apparently one step closer to receiving it. Scams of this type typically ask users to provide specific information, so that the gift can be sent to them.
The requested details might be names, addresses, telephone numbers, emails, banking information, etc. This data is often misused for various other schemes: banking information (e.g. banking account, credit card details) can be misused by scammers to make fraudulent transactions and/or online purchases.
These scams might also ask users to make fake payments (e.g. for shipping, registrations, subscriptions, etc.) to receive the prize. To summarize, trusting guesstimateds[.]com poses a threat to device and user safety. Therefore, you are strongly advised against visiting or trusting this deceptive site.
One of the main causes of rogue redirects to websites such as guesstimateds[.]com are PUAs. These applications can also force-open untrusted, sale-based, compromised and malicious pages, however, PUAs have other capabilities. Adware-type app deliver pop-ups, banners, coupons and other intrusive ads.
These diminish the browsing experience and are a threat. When clicked, they redirect to dubious/malicious sites and can even stealthily download/install rogue software. Another type, classified as browser hijackers, modify browser settings and restrict/deny access to them.
These alterations ensure successful promotion of fake search engines. These bogus web searchers are seldom capable of providing unique results, and so they redirect to Google, Yahoo, Bing and other genuine search engines. Furthermore, most PUAs can track data.
They can record browsing activity (URLs visited, web pages viewed, search queries typed, etc.) and gather information extracted from it (IP addresses, geolocations and other details). Furthermore, the collected data can be especially sensitive and is usually shared with third parties (potentially, cyber criminals).
The presence of unwanted apps on devices can lead to system infections, financial loss, serious privacy issues and even identity theft. To protect device and user safety, eliminate all suspicious applications and browser extensions/plug-ins immediately upon detection.
Name | guesstimateds.com pop-up |
Threat Type | Phishing, Scam, Social Engineering, Fraud. |
Fake Claim | Users can supposedly win a prize by completing a survey (the nature of the scams might vary). |
Serving IP Address | 13.249.135.24 |
Symptoms | Fake error messages, fake system warnings, pop-up errors, hoax computer scan. |
Distribution methods | Compromised websites, rogue online pop-up ads, potentially unwanted applications. |
Damage | Loss of sensitive private information, monetary loss, identity theft, possible malware infections. |
Malware Removal (Windows) | To eliminate possible malware infections, scan your computer with legitimate antivirus software. Our security researchers recommend using Combo Cleaner. |
"International Official Lottery", "You've Made The 5-billionth Search", and "$1000 VISA Gift Card" are some examples of other scams offering fake prizes.
The internet is rife with various schemes making various claims and offers. Another popular model is the technical support scam (e.g. "System Warning Alert", "WARNING! 36 infections found!!!", "CRITICAL_PROCESS_DIED", to name just some).
These promote nonoperational, untrusted or malicious software; trick users into calling fake and expensive "tech support" lines; extort payment for "services rendered", etc. Regardless of how these deceptive websites operate, their purpose is identical: to generate revenue for the scammers/cyber criminals behind them.
How did potentially unwanted applications install on my computer?
Some PUAs have "official" download pages, which are often promoted by deceptive/scam sites. These applications are also distributed via the download/installation set-ups of other programs. "Bundling" is the term used to define this deceptive marketing technique of pre-packing regular software with unwanted or malicious additions.
Rushing download/installation processes (e.g. ignoring terms, skipping steps and sections, etc.), increases the risk of inadvertent installation of dubious and/or bundled content. Intrusive advertisements also proliferate PUAs. Once clicked, they can execute scripts designed to make stealthy downloads/installations.
How to avoid installation of potentially unwanted applications
You are advised to research all software, and only download it from official/verified sources. Untrusted channels such as unofficial and free file-hosting websites, P2P sharing networks (BitTorrent, eMule, Gnutella, etc.) and other third party downloaders can offer deceptive and bundled content, and should thus be avoided.
When downloading/installing, it is important to read the terms, study all possible options, use the "Custom" or "Advanced" settings and opt-out of additional apps, tools, functions, and so on. Intrusive ads may seem normal and harmless, however, they can redirect to dubious web pages (e.g. gambling, pornography, adult-dating and others).
If your computer is already infected with PUAs, we recommend running a scan with Combo Cleaner Antivirus for Windows to automatically eliminate them.
Text presented in the main web page of guesstimateds[.]com:
Loyalty program
2 June, 2020
Congratulations!!
Today June 2, 2020 you have been randomly selected to participate in this survey. It will only take you a minute and you will have the chance to receive a prize: a Samsung Galaxy S10+.
Like every Tuesday we randomly give 10 users fantastic prizes. The prize of today is: Samsung Galaxy S10+! Only 10 lucky users who live in South Africa will be the winners!
This survey is carried out in order to improve the service to our users.
You only have 1 Minute and 29 Seconds, to participate.
Hurry up! There is a limited number of prizes!
Questions:
Are you a man or a woman?
How old are you?
How many people live at your place?
Have you ever bought in Samsung Galaxy S10+?
Screenshot of the page displayed by guesstimateds[.]com after the survey is completed:
Text presented in this page:
Congratulations!
Your answers have been submitted
Tuesday, 2 June 2020 11:01
Now you have the chance to win this fantastic prize
Try your luck!
Screenshot of the page displayed after a lucky box is selected:
Text presented in this page:
GOOD CHOICE!
You have the chance to win the Samsung Galaxy S10+! Follow the instructions and you will be one step closer to win your Samsung Galaxy S10+!
The appearance of guesstimateds[.]com scam (GIF):
Instant automatic malware removal:
Manual threat removal might be a lengthy and complicated process that requires advanced IT skills. Combo Cleaner is a professional automatic malware removal tool that is recommended to get rid of malware. Download it by clicking the button below:
▼ DOWNLOAD Combo Cleaner
By downloading any software listed on this website you agree to our Privacy Policy and Terms of Use. To use full-featured product, you have to purchase a license for Combo Cleaner. 7 days free trial available. Combo Cleaner is owned and operated by Rcs Lt, the parent company of PCRisk.com read more.
Quick menu:
- What is guesstimateds.com pop-up?
- How to identify a pop-up scam?
- How do pop-up scams work?
- How to remove fake pop-ups?
- How to prevent fake pop-ups?
- What to do if you fell for a pop-up scam?
How to identify a pop-up scam?
Pop-up windows with various fake messages are a common type of lures cybercriminals use. They collect sensitive personal data, trick Internet users into calling fake tech support numbers, subscribe to useless online services, invest in shady cryptocurrency schemes, etc.
While in the majority of cases these pop-ups don't infect users' devices with malware, they can cause direct monetary loss or could result in identity theft.
Cybercriminals strive to create their rogue pop-up windows to look trustworthy, however, scams typically have the following characteristics:
- Spelling mistakes and non-professional images - Closely inspect the information displayed in a pop-up. Spelling mistakes and unprofessional images could be a sign of a scam.
- Sense of urgency - Countdown timer with a couple of minutes on it, asking you to enter your personal information or subscribe to some online service.
- Statements that you won something - If you haven't participated in a lottery, online competition, etc., and you see a pop-up window stating that you won.
- Computer or mobile device scan - A pop-up window that scans your device and informs of detected issues - is undoubtedly a scam; webpages cannot perform such actions.
- Exclusivity - Pop-up windows stating that only you are given secret access to a financial scheme that can quickly make you rich.
Example of a pop-up scam:
How do pop-up scams work?
Cybercriminals and deceptive marketers usually use various advertising networks, search engine poisoning techniques, and shady websites to generate traffic to their pop-ups. Users land on their online lures after clicking on fake download buttons, using a torrent website, or simply clicking on an Internet search engine result.
Based on users' location and device information, they are presented with a scam pop-up. Lures presented in such pop-ups range from get-rich-quick schemes to fake virus scans.
How to remove fake pop-ups?
In most cases, pop-up scams do not infect users' devices with malware. If you encountered a scam pop-up, simply closing it should be enough. In some cases scam, pop-ups may be hard to close; in such cases - close your Internet browser and restart it.
In extremely rare cases, you might need to reset your Internet browser. For this, use our instructions explaining how to reset Internet browser settings.
How to prevent fake pop-ups?
To prevent seeing pop-up scams, you should visit only reputable websites. Torrent, Crack, free online movie streaming, YouTube video download, and other websites of similar reputation commonly redirect Internet users to pop-up scams.
To minimize the risk of encountering pop-up scams, you should keep your Internet browsers up-to-date and use reputable anti-malware application. For this purpose, we recommend Combo Cleaner Antivirus for Windows.
What to do if you fell for a pop-up scam?
This depends on the type of scam that you fell for. Most commonly, pop-up scams try to trick users into sending money, giving away personal information, or giving access to one's device.
- If you sent money to scammers: You should contact your financial institution and explain that you were scammed. If informed promptly, there's a chance to get your money back.
- If you gave away your personal information: You should change your passwords and enable two-factor authentication in all online services that you use. Visit Federal Trade Commission to report identity theft and get personalized recovery steps.
- If you let scammers connect to your device: You should scan your computer with reputable anti-malware (we recommend Combo Cleaner Antivirus for Windows) - cyber criminals could have planted trojans, keyloggers, and other malware, don't use your computer until removing possible threats.
- Help other Internet users: report Internet scams to Federal Trade Commission.
▼ Show Discussion