What is "Your Windows OS Is Damaged"?
While inspecting websites that use rogue advertising networks, our research team discovered a page promoting the "Your Windows OS Is Damaged" scam. It is a technical support scam presented as a system warning from Windows claiming that the visitor's operating system has been damaged due to virus infections.
It must be emphasized that all these claims are false; by calling the provided numbers, users will engage with the scammers and potentially fall for their scam.
"Your Windows OS Is Damaged" scam overview
When we inspected "Your Windows OS Is Damaged", it consisted of multiple pop-ups disguised as the Microsoft Defender (described in the scam by its former name - "Windows Defender") system scan and Windows system warnings.
Tech support scams aim to trick users into calling fake helplines in order to eradicate nonexistent threats/issues, and "Your Windows OS Is Damaged" is not an exception. Typically, in these schemes, victims are lured into allowing the scammers to remotely access their devices (often with the aid of software like TeamViewer, UltraViewer, AnyDesk, etc.).
How the scam progresses once remote access is established can vary. For example, cyber criminals, under the guise of "expert technicians" or legitimate software/service "support", pretend to remove viruses, run system scans, install safety tools, etc.
Scammers can cause a wide variety of damage to the devices they connect to, such as disabling/removing genuine security programs, installing fake anti-viruses, stealing sensitive data, infiltrating actual malware into the operating system (trojans, ransomware, cryptominers, etc.), and so forth.
Criminals target a wide variety of information: personally identifiable details, account log-in credentials, credit card numbers, and so on. The data can be extracted by deceiving users into revealing it over the phone, typing it where it is supposedly invisible (e.g., on the device's notepad application, etc.), entering it into phishing websites/files, or it can be extracted by malware.
Furthermore, the "services" of scammers tend to be exorbitantly priced. Difficult or impossible-to-trace methods are used to transfer the money, such as digital currencies (e.g., cryptocurrencies, gift cards, pre-paid vouchers, etc.) or cash hidden within innocuous-looking packages and shipped. By selecting these methods, the scammers ensure that they cannot be prosecuted and that the victims are unable to retrieve their funds. What is more, successfully scammed victims are often targeted repeatedly.
In summary, victims of a technical support scam like "Your Windows OS Is Damaged" can experience system infections, severe privacy issues, significant financial losses, and even identity theft.
Should you find it impossible to exit a scam website, end the browser's process using the Windows Task Manager. Note that the previous browsing session must not be restored when you open your browser since that would reopen the deceptive page as well.
If you have already allowed cyber criminals to access your device remotely, you must first disconnect it from the Internet. Afterward, remove the remote access software that the criminals used, as they may not need your consent to reconnect. Lastly, use an anti-virus to run a full system scan and remove all detected threats.
Additionally, if you believe that your account credentials are at risk, change the passwords of all potentially compromised accounts and inform their official support without delay. If your other private data has been exposed (e.g., ID card details, credit card numbers, etc.), immediately contact the appropriate authorities.
|Name|"Your Windows OS Is Damaged" pop-up|
|Threat Type|Phishing, Scam, Social Engineering, Fraud|
|Fake Claim|Operating system is damaged by viruses.|
|Tech Support Scammer Phone Number|+65-3129-0662|
|Symptoms|Fake error messages, fake system warnings, pop-up errors, hoax computer scan.|
|Distribution methods|Compromised websites, rogue online pop-up ads, potentially unwanted applications.|
|Damage|Loss of sensitive private information, monetary loss, identity theft, possible malware infections.|
|Malware Removal (Windows)|To eliminate possible malware infections, scan your computer with legitimate antivirus software. Our security researchers recommend using Combo Cleaner.|
Technical support scam examples
We have analyzed thousands of online scams; "1978 Act Of Protection Of Children", "Your Windows Got Corrupted Due To Virus", and "Pirated Windows Software detected in this Computer" are merely a few examples of tech support scams.
Deceptive content can make various claims and use different disguises. However, regardless of what it promises, its sole goal is to generate revenue at victims' expense. Due to how widespread scams are online, we strongly advise exercising caution when browsing.
How did I open a scam website?
Scam websites are often accessed via pages that use rogue advertising networks. Scam pages can be force-opened when such a page is first accessed or when its hosted content is interacted with (e.g., clicking buttons, links, text input fields, etc.). Additionally, online scams are promoted by intrusive advertisements and spam browser notifications.
Misspelling a website's URL can also result in a redirect landing on a deceptive webpage. Adware promotes this content by displaying scam-pushing ads or force-opening sites that host it.
How to avoid visiting scam websites?
We advise against using websites that offer pirated content or other questionable services (e.g., Torrenting, illegal streaming/downloading, etc.), as these sites are usually monetized through rogue advertising networks. It is important to pay attention to website URLs and be careful when entering them.
To avoid receiving undesirable browser notifications, do not permit suspicious webpages to deliver them (i.e., do not click "Allow", "Allow Notifications", etc.). Instead, ignore or deny notification requests displayed by such pages (i.e., select "Block", "Block Notifications", etc.).
It is essential to download only from official/verified sources and approach installation with caution. We highly recommend being vigilant when browsing, as fraudulent and malicious online content typically appears legitimate and harmless.
It is paramount for device/user safety to have a reputable anti-virus installed and kept updated. Security programs must be used to run regular system scans and to remove detected threats/issues. If your computer is already infected, we recommend running a scan with Combo Cleaner Antivirus for Windows to automatically eliminate all threats.
Text presented in "Your Windows OS Is Damaged" pop-up:
Your Windows OS is damaged
Note: Your current version of Windows security infected with Viruses and other malicious applications. Viruses must be removed in:
Important: Please click UPDATE button to install the latest version and protect your data.
Microsoft Helpline: +65-3129-0662 (Toll-Free)
The appearance of "Your Windows OS Is Damaged" pop-up scam (GIF):
Instant automatic malware removal:
Manual threat removal might be a lengthy and complicated process that requires advanced IT skills. Combo Cleaner is a professional automatic malware removal tool that is recommended to get rid of malware.
How to identify a pop-up scam?
Pop-up windows with various fake messages are a common type of lure that cybercriminals use to collect sensitive personal data and to trick Internet users into calling fake tech support numbers, subscribing to useless online services, investing in shady cryptocurrency schemes, etc.
While in the majority of cases these pop-ups don't infect users' devices with malware, they can cause direct monetary loss or could result in identity theft.
Cybercriminals strive to make their rogue pop-up windows look trustworthy; however, scams typically have the following characteristics:
- Spelling mistakes and non-professional images - Closely inspect the information displayed in a pop-up. Spelling mistakes and unprofessional images could be a sign of a scam.
- Sense of urgency - A countdown timer with a couple of minutes on it, asking you to enter your personal information or subscribe to some online service.
- Statements that you won something - If you haven't participated in a lottery, online competition, etc., and you see a pop-up window stating that you won, it is likely a scam.
- Computer or mobile device scan - A pop-up window that scans your device and informs you of detected issues is undoubtedly a scam; webpages cannot perform such actions.
- Exclusivity - Pop-up windows stating that only you are given secret access to a financial scheme that can quickly make you rich.
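The characteristics above can be turned into a simple triage heuristic for captured pop-up text. The following is an added example, not part of the original article: the function name, the regular expressions, and the two-indicator threshold are assumptions, and the benign sample is constructed.

```python
import re

# Indicator families follow the characteristics listed above. The patterns
# are illustrative assumptions, not a vetted detection ruleset.
INDICATORS = {
    "infection_claim": re.compile(r"\b(infected|virus(es)?|malicious|damaged|corrupted)\b", re.I),
    "urgency": re.compile(r"\b(must be removed in|immediately|minutes? (left|remaining)|act now)\b", re.I),
    "call_to_action": re.compile(r"\b(click\s+\w+\s+button|call (us|now)|update now)\b", re.I),
    "helpline": re.compile(r"\b(helpline|toll[- ]free|support (line|number))\b", re.I),
    "prize_claim": re.compile(r"\byou(\s+have|'ve)?\s+won\b", re.I),
    "exclusivity": re.compile(r"\bonly you\b|\bsecret access\b", re.I),
}
PHONE = re.compile(r"\+?\d[\d\s().-]{7,}\d")   # loose international number shape
BRANDS = re.compile(r"\b(windows|microsoft|defender)\b", re.I)

# Text of the pop-up as quoted in this article.
SAMPLE_POPUP = (
    "Your Windows OS is damaged\n"
    "Note: Your current version of Windows security infected with Viruses and "
    "other malicious applications. Viruses must be removed in:\n"
    "Important: Please click UPDATE button to install the latest version and "
    "protect your data.\n"
    "Microsoft Helpline: +65-3129-0662 (Toll-Free)"
)
# Constructed benign notice for comparison.
BENIGN_NOTICE = "A new Windows update is available. Restart your device to finish installing it."

def score_popup(text):
    """Return matched indicator names and two verdict flags for page text."""
    hits = sorted(name for name, rx in INDICATORS.items() if rx.search(text))
    has_phone = bool(PHONE.search(text))
    if has_phone:
        hits.append("phone_number")
    # Tech support scam shape: vendor branding + infection claim + number to call.
    tech_support = bool(BRANDS.search(text)) and has_phone and "infection_claim" in hits
    return {
        "hits": hits,
        "tech_support_scam": tech_support,
        "suspicious": len(hits) >= 2,  # assumed threshold: two or more indicator families
    }

if __name__ == "__main__":
    for label, text in (("popup", SAMPLE_POPUP), ("benign", BENIGN_NOTICE)):
        print(label, score_popup(text))
```

Spelling mistakes and unprofessional images, the first characteristic in the list, are not covered by this sketch and still need a human look.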
How do pop-up scams work?
Cybercriminals and deceptive marketers usually use various advertising networks, search engine poisoning techniques, and shady websites to generate traffic to their pop-ups. Users land on their online lures after clicking on fake download buttons, using a torrent website, or simply clicking on an Internet search engine result.
Based on users' location and device information, they are presented with a scam pop-up. Lures presented in such pop-ups range from get-rich-quick schemes to fake virus scans.
How to remove fake pop-ups?
In most cases, pop-up scams do not infect users' devices with malware. If you encountered a scam pop-up, simply closing it should be enough. In some cases, scam pop-ups may be hard to close; if so, close your Internet browser and restart it.
In extremely rare cases, you might need to reset your Internet browser. For this, use our instructions explaining how to reset Internet browser settings.
How to prevent fake pop-ups?
To prevent seeing pop-up scams, you should visit only reputable websites. Torrent, Crack, free online movie streaming, YouTube video download, and other websites of similar reputation commonly redirect Internet users to pop-up scams.
To minimize the risk of encountering pop-up scams, you should keep your Internet browsers up-to-date and use a reputable anti-malware application. For this purpose, we recommend Combo Cleaner Antivirus for Windows.
What to do if you fell for a pop-up scam?
This depends on the type of scam that you fell for. Most commonly, pop-up scams try to trick users into sending money, giving away personal information, or giving access to one's device.
- If you sent money to scammers: You should contact your financial institution and explain that you were scammed. If informed promptly, there's a chance to get your money back.
- If you gave away your personal information: You should change your passwords and enable two-factor authentication in all online services that you use. Visit the Federal Trade Commission to report identity theft and get personalized recovery steps.
- If you let scammers connect to your device: You should scan your computer with reputable anti-malware (we recommend Combo Cleaner Antivirus for Windows), since cyber criminals could have planted trojans, keyloggers, and other malware. Don't use your computer until possible threats have been removed.
- Help other Internet users: report Internet scams to the Federal Trade Commission.
Frequently Asked Questions (FAQ)
What is a pop-up scam?
Pop-up scams are deceptive messages designed to entice/scare users into performing specific actions, e.g., calling fake support lines, allowing cyber criminals to access devices remotely, transferring money, revealing sensitive information, downloading/installing software, etc.
What is the purpose of a pop-up scam?
Pop-up scams aim to generate revenue. Cyber criminals can profit by obtaining funds through deception, selling or abusing private data, promoting software/services/products, distributing malware, and so forth.
Why do I encounter fake pop-ups?
Pop-up scams are promoted on rogue webpages. These sites are most commonly accessed through redirects caused by pages that use rogue advertising networks, mistyped URLs, spam browser notifications, intrusive ads, or installed adware.
I cannot exit a scam page, how do I close it?
If you are unable to close a scam website, use the Task Manager to end the browser's process. However, keep in mind that restoring the previous browsing session will reopen the deceptive page.
I have allowed cyber criminals to remotely access my computer, what should I do?
If you have permitted cyber criminals to remotely access your device, disconnect it from the Internet. Then you have to uninstall the remote access software that the scammers used (e.g., TeamViewer, AnyDesk, UltraViewer, etc.). Lastly, use an anti-virus to perform a complete system scan and remove all detected threats.
I have provided my personal information when tricked by a pop-up scam, what should I do?
If you have provided log-in credentials, immediately change the passwords of all possibly exposed accounts and inform their official support. If you have disclosed other private information (e.g., personally identifiable details, credit card numbers, etc.), contact relevant authorities without delay.
Will Combo Cleaner protect me from pop-up scams and the malware they proliferate?
Combo Cleaner is designed to detect and remove threats. It is capable of scanning visited websites and detecting malicious ones (including those that promote scams). Furthermore, it can block access to such sites. Combo Cleaner can also detect and eliminate most of the known malware infections. However, since high-end malicious programs tend to hide deep within systems, running a full system scan is crucial.