What is "Error Code: #0x564897"?
"Error Code: #0x564897" is a technical support scam run on various deceptive websites. This scheme has been observed being promoted via the Amazon AWS service.
Scams of this type operate by informing users of (nonexistent) viruses detected on their devices to trick them into contacting fake tech support. No web page can detect threats/issues present on systems, and any that make such claims are scams.
Users rarely access these deceptive sites intentionally - most enter them via mistyped URLs, redirects caused by intrusive ads, and installed Potentially Unwanted Applications (PUAs).
When a website promoting the "Error Code: #0x564897" scam is accessed, it presents visitors with multiple pop-up windows. In general, the messages presented in the pop-ups claim that users' devices are infected, access to them has been blocked, and instructs them to call the provided "helplines".
This scheme is presented as an alert from Windows Defender, Windows Firewall, and Microsoft. Naturally, the scam is in no way associated with the Microsoft Corporation.
The bogus infection is specified as "Trojan Spyware Alert - Error Code: #0x564897", which has supposedly led to the device being blocked for security reasons.
The scheme states that the fake malware infection threatens the security/privacy of users' account log-in credentials (i.e., usernames and passwords), pictures/photographs, documents, financial information, online identity, and so on. Throughout the hoax alerts, users are urged to call fraudulent technical support lines.
As mentioned, all of the claims made by "Trojan Spyware Alert - Error Code: #0x564897" are false. Therefore, websites running these schemes should be ignored and closed. Should it be impossible to close the deceptive page, use Windows Task Manager to end the browser process.
It is important not to restore the previous browsing session when reopening the browser, as doing so will also reopen the scam site.
All scams aim to generate revenue for the individuals/groups behind them, and tech support scams are no different in this regard. How the schemes profit differs. This type of scam is initiated when users call the provided "helplines". Typically, scammers ask to remotely access the allegedly infected device in order to remove the fake problems.
The primary source of revenue are the exorbitant sums the scammers ask as payment for their "services". Yet, this is not the sole threat posed by these schemes.
On the accessed machine, scammers can perform bogus malware removal processes, run fake system scans, uninstall genuine protection tools, install bogus anti-viruses (which require purchase), and infect the device with malicious programs (e.g., trojans, ransomware, etc.).
Scammers often install RATs (Remote Access Trojans), which enable stealthy (and potentially indefinite) access and control over the infected machine.
Sensitive/Personal information is also targeted by these scams such as names, addresses, telephone numbers, emails, account/platform usernames and passwords, credit card details, etc.
The data can be disclosed by the victims themselves, extracted from the system, and/or recorded through phishing websites (e.g., fake log-in pages, dubious payment gateways, etc.).
Scammers usually ask victims to pay in digital currencies (e.g., cryptocurrencies, pre-paid vouchers, gift cards, etc.) because these transactions are difficult/impossible to trace. In this way, the scammers can avoid prosecution and the victims are prevented from returning their payments.
Furthermore, successfully scammed victims are often targeted repeatedly.
In summary, by trusting the "Error Code: #0x564897" technical support scam, users can experience system infections, severe privacy issues, significant financial losses, and identity theft.
PUAs are a prime cause of rogue redirects to untrusted/malicious websites (e.g., ones running "Error Code: #0x564897"), however, these applications can have other dangerous functions, which can be in varied combinations.
For example, PUAs can force-open dangerous web pages, deliver intrusive advertisement campaigns (adware), modify browsers (browser hijackers), and collect private information. Most unwanted apps also have data tracking capabilities. Information of interest includes: browsing and search engine histories, IP addresses, geolocations, and even personally identifiable details. PUA developers monetize the gathered data by sharing it with and/or selling it to third-parties (potentially, cyber criminals).
Therefore, it is crucial to immediately eliminate all suspicious applications and browser extensions/plug-ins to ensure device and user safety.
|Name||Error Code: #0x564897 tech support scam|
|Threat Type||Phishing, Scam, Social Engineering, Fraud|
|Fake Claim||Scam claims users' devices are infected and urges them to contact fake technical support.|
|Disguise||Alerts from Windows Defender, Windows Firewall, and Microsoft|
|Tech Support Scammer Phone Number||+61-1800-951-046, +44-800-640-4562|
|Symptoms||Fake error messages, fake system warnings, pop-up errors, hoax computer scan.|
|Distribution methods||Compromised websites, rogue online pop-up ads, potentially unwanted applications.|
|Damage||Loss of sensitive private information, monetary loss, identity theft, possible malware infections.|
|Malware Removal (Windows)||
To eliminate possible malware infections, scan your computer with legitimate antivirus software. Our security researchers recommend using Combo Cleaner.
"Error Code: x00082dfo09d", "Microsoft Security Essentials Alert", "WIN-8x0007 Error", and "Suspicious Movement Distinguished On You IP" are some examples of other tech support scams. The internet is full of misleading and deceptive content designed to gain and subsequently abuse users' trust.
Popular scam models are: warnings that the device is infected or at risk, alerts that a piece of software is outdated or missing, fake prize giveaways and raffles, "amazing" deals, etc.
Due to the widespread nature of online schemes, exercise caution when browsing.
How did potentially unwanted applications install on my computer?
PUAs are often downloaded/installed together with other products. This deceptive marketing technique of pre-packing regular software with unwanted or malicious additions is called "bundling".
By rushing through download/installation of software (e.g. ignoring terms, skipping steps and sections, using "Quick/Express" settings, etc.) many users risk unintentionally allowing bundled content into their devices. Intrusive advertisements proliferate PUAs as well. When clicked, the ads can execute scripts to download/install these applications without users' permission.
Some PUAs have "official" download web pages from which they can be downloaded.
How to avoid installation of potentially unwanted applications
You are advised to research all software before download/installation. Use only official and verified download channels. Unofficial and free file-hosting websites, Peer-to-Peer sharing networks (BitTorrent, Gnutella, eMule), and other third party downloaders commonly offer harmful and bundled content, and are therefore untrusted and should be avoided.
When downloading/installing, read the terms, study all possible options, use the "Custom/Advanced" settings and opt-out of additional apps, tools, features, and so on.
Intrusive advertisements typically seem legitimate, however, they can redirect to dubious and malicious sites (e.g. gambling, pornography, adult-dating, and many others). If you encounter ads or redirects of this kind, inspect the system and remove all dubious applications and browser extensions/plug-ins immediately.
Installed programs must be activated and updated with tools or implemented functions that are provided by the official developers. No other third party, unofficial tools should be used.
Note that it is illegal to activate licensed software with ‘cracking’ tools. Files and programs should be downloaded from official websites and via direct download links. Avoid third party installers and the tools/sources mentioned above.
Do not open website links or files in irrelevant emails that are received from unknown, suspicious addresses. These bogus emails are often disguised as official and important. Regularly, scan your computer with reputable, up-to-date antivirus or anti-spyware software.
If your computer is already infected with PUAs, we recommend running a scan with Combo Cleaner Antivirus for Windows to automatically eliminate them.
Text presented in the "Error Code: #0x564897" scam:
Windows Firewall Protection
Trojan Spyware Alert - Error Code: #0x564897
Access to this PC has been blocked for security reasons.
Contact WIndows Support: +61-1800-951-046 (AUS Toll Free)
Threat Detected - Trojan Spyware
Windows Defender - Security Warning Alert
** ACCESS TO THIS PC HAS BEEN BLOCKED FOR SECURITY REASONS **
Your computer has alerted us that it has been infected with a Trojan Spyware. The following data has been compromised.
Pictures & Documents
Windows Defender Scan has found potentially unwanted Adware on this device that can steal your passwords, online identity, financial information, personal files, pictures or documents.
You must contact us immediately so that our engineers can walk you through the removal process over the phone.
Call Microsoft Support immediately to report this threat, prevent identity theft and unlock access to this device.
Closing this window will put your personal information at risk and lead to a suspension of your Windows Registration.
Call Microsoft Support: +61-1800-951-046 (AUS Toll Free)
Appearance of "Error Code: #0x564897" pop-up scam (GIF):
Instant automatic malware removal:
Manual threat removal might be a lengthy and complicated process that requires advanced computer skills. Combo Cleaner is a professional automatic malware removal tool that is recommended to get rid of malware. Download it by clicking the button below:
- What is Error Code: #0x564897 tech support scam?
- How to identify a pop-up scam?
- How do pop-up scams work?
- How to remove fake pop-ups?
- How to prevent fake pop-ups?
- What to do if you fell for a pop-up scam?
How to identify a pop-up scam?
Pop-up windows with various fake messages are a common type of lures cybercriminals use. They collect sensitive personal data, trick Internet users into calling fake tech support numbers, subscribe to useless online services, invest in shady cryptocurrency schemes, etc.
While in the majority of cases these pop-ups don't infect users' devices with malware, they can cause direct monetary loss or could result in identity theft.
Cybercriminals strive to create their rogue pop-up windows to look trustworthy, however, scams typically have the following characteristics:
- Spelling mistakes and non-professional images - Closely inspect the information displayed in a pop-up. Spelling mistakes and unprofessional images could be a sign of a scam.
- Sense of urgency - Countdown timer with a couple of minutes on it, asking you to enter your personal information or subscribe to some online service.
- Statements that you won something - If you haven't participated in a lottery, online competition, etc., and you see a pop-up window stating that you won.
- Computer or mobile device scan - A pop-up window that scans your device and informs of detected issues - is undoubtedly a scam; webpages cannot perform such actions.
- Exclusivity - Pop-up windows stating that only you are given secret access to a financial scheme that can quickly make you rich.
Example of a pop-up scam:
How do pop-up scams work?
Cybercriminals and deceptive marketers usually use various advertising networks, search engine poisoning techniques, and shady websites to generate traffic to their pop-ups. Users land on their online lures after clicking on fake download buttons, using a torrent website, or simply clicking on an Internet search engine result.
Based on users' location and device information, they are presented with a scam pop-up. Lures presented in such pop-ups range from get-rich-quick schemes to fake virus scans.
How to remove fake pop-ups?
In most cases, pop-up scams do not infect users' devices with malware. If you encountered a scam pop-up, simply closing it should be enough. In some cases scam, pop-ups may be hard to close; in such cases - close your Internet browser and restart it.
In extremely rare cases, you might need to reset your Internet browser. For this, use our instructions explaining how to reset Internet browser settings.
How to prevent fake pop-ups?
To prevent seeing pop-up scams, you should visit only reputable websites. Torrent, Crack, free online movie streaming, YouTube video download, and other websites of similar reputation commonly redirect Internet users to pop-up scams.
To minimize the risk of encountering pop-up scams, you should keep your Internet browsers up-to-date and use reputable anti-malware application. For this purpose, we recommend Combo Cleaner Antivirus for Windows.
What to do if you fell for a pop-up scam?
This depends on the type of scam that you fell for. Most commonly, pop-up scams try to trick users into sending money, giving away personal information, or giving access to one's device.
- If you sent money to scammers: You should contact your financial institution and explain that you were scammed. If informed promptly, there's a chance to get your money back.
- If you gave away your personal information: You should change your passwords and enable two-factor authentication in all online services that you use. Visit Federal Trade Commission to report identity theft and get personalized recovery steps.
- If you let scammers connect to your device: You should scan your computer with reputable anti-malware (we recommend Combo Cleaner Antivirus for Windows) - cyber criminals could have planted trojans, keyloggers, and other malware, don't use your computer until removing possible threats.
- Help other Internet users: report Internet scams to Federal Trade Commission.