What kind of scam is "YOUR DEVICE MAY BE COMPROMISED"?
While investigating sites that utilize rogue advertising networks, our researchers discovered the "YOUR DEVICE MAY BE COMPROMISED" scam. It uses scare tactics to trick users into performing specific actions. Typically, scams of this ilk promote untrustworthy and harmful software.
"YOUR DEVICE MAY BE COMPROMISED" scam overview
When we accessed a webpage running this scam, it displayed a pop-up window claiming that the visitor's device may be compromised.
The background page insistently warned the user of potential malware infections and other threats such as malicious websites, hackers, etc. The scam reassured the visitor that they could solve this within seconds by running a powerful application to clean and protect their device. The page also depicted a countdown clock to create an impression of urgency.
After we clicked the "Clean my Device" button, the webpage prompted us to permit its browser notification delivery (spam notifications). When we clicked "Allow", the page redirected us to a nonfunctional website. However, this could be rectified by the scammers. Furthermore, redirects may be impacted by factors like user geolocation.
In most cases, scams of this kind endorse fake anti-virus tools, adware, browser hijackers, PUAs, and other dubious software. In rare instances, these schemes proliferate trojans, ransomware, and other malware. Alternatively, scams can redirect to the official sites of genuine products/services. This is due to the scammers abusing the content's affiliate programs to acquire illegitimate commissions for the promotion.
To summarize, victims of scams like "YOUR DEVICE MAY BE COMPROMISED" can experience system infections, severe privacy issues, financial losses, and even identity theft.
| Name | "YOUR DEVICE MAY BE COMPROMISED" pop-up |
| Threat Type | Phishing, Scam, Social Engineering, Fraud |
| Fake Claim | Visitor's device may be compromised. |
| Related Domains | mobiledevice-protection[.]com, mobileunderguard[.]com, shielding-fordevice[.]com, mobiledevice-guard[.]com |
| Detection Names (mobiledevice-protection[.]com) | Avira (Phishing), CyRadar (Malicious), G-Data (Phishing), Kaspersky (Phishing), Sophos (Malware), Full List Of Detections (VirusTotal) |
| Serving IP Address (mobiledevice-protection[.]com) | 184.108.40.206 |
| Symptoms | Fake error messages, fake system warnings, pop-up errors, hoax computer scan. |
| Distribution methods | Compromised websites, rogue online pop-up ads, potentially unwanted applications. |
| Damage | Loss of sensitive private information, monetary loss, identity theft, possible malware infections. |
| Malware Removal (Windows) | To eliminate possible malware infections, scan your computer with legitimate antivirus software. Our security researchers recommend using Combo Cleaner. |
Similar scam examples
We have inspected thousands of scams; "Total AV Security - Your Smartphone Is Infected", "Your AVAST AntiVirus License Has Expired!", "Your Identity Has Been Stolen!", and "TROJAN_2023 And Other Viruses Detected (5)" are merely some examples of ones similar to "YOUR DEVICE MAY BE COMPROMISED".
Various deceptive claims are used by harmful online content to trick victims into downloading/installing software, purchasing products, disclosing sensitive information, making monetary transactions, etc. Online scams can be riddled with errors, use basic graphics, or be competently disguised as messages/warnings from legitimate service providers or other entities.
Because deceptive and malicious material is so widespread on the Web, we strongly recommend exercising caution while browsing.
How did I open a scam website?
Deceptive websites can be force-opened the moment a page that uses rogue advertising networks is accessed. Alternatively, such pages can generate redirects to scam sites once hosted content is interacted with (e.g., clicking buttons, text input fields, ads, links, etc.).
Spam browser notifications and intrusive advertisements are also used to promote scams. Misspelling a website's URL can result in a redirect (or a redirection chain leading) to a deceptive page. Additionally, adware can display scam-promoting ads or generate redirects to sites hosting this content.
How to avoid visiting scam websites?
We strongly advise against visiting/using websites that employ rogue advertising networks; this includes sites offering pirated content or other questionable services (e.g., Torrenting, illegal streaming/downloading, etc.). We recommend paying attention to URLs and entering them with care.
To avoid receiving undesirable browser notifications, do not enable suspicious pages to deliver them (i.e., do not click "Allow", "Allow Notifications", etc.). Instead, ignore or deny notification delivery requests from such webpages (i.e., press "Block", "Block Notifications", etc.).
Furthermore, downloads must be performed from official/verified sources, and installation processes must be treated with caution (e.g., by reading terms, using "Custom/Advanced" settings, and opting out of all supplementary apps, extensions, tools, etc.) to prevent bundled/harmful software from infiltrating the device.
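On managed Chrome browsers the same advice can be enforced centrally instead of relying on each user to press "Block". The following is an added example, not part of the original article: it refangs the domains listed in the Related Domains row above and emits a managed-policy document using Chrome's `DefaultNotificationsSetting`, `NotificationsBlockedForUrls` and `URLBlocklist` policies. The function names and the `block_all_prompts` switch are illustrative assumptions.

```python
import json
import re

# Defanged indicators copied from the "Related Domains" row of this page.
DEFANGED = [
    "mobiledevice-protection[.]com",
    "mobileunderguard[.]com",
    "shielding-fordevice[.]com",
    "mobiledevice-guard[.]com",
]

# Conservative hostname check: LDH labels, alphabetic TLD, 253 chars max.
_HOST_RE = re.compile(
    r"^(?=.{1,253}$)([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$"
)

def refang(indicator):
    """Turn a defanged host (example[.]com, hxxps://...) into a bare hostname."""
    host = indicator.strip().lower()
    host = host.replace("[.]", ".").replace("(.)", ".").replace("[dot]", ".")
    host = re.sub(r"^h(xx|tt)ps?(\[:\]|:)//", "", host)  # drop scheme if present
    host = host.split("/")[0].rstrip(".")                 # drop any path
    if not _HOST_RE.match(host):
        # Rejects IP addresses, free text and anything else that is not a
        # plain domain, so junk never reaches the policy file.
        raise ValueError(f"not a valid hostname: {indicator!r}")
    return host

def build_policy(indicators, block_all_prompts=True):
    """Build a Chrome managed-policy dict from defanged domain indicators."""
    hosts = sorted({refang(i) for i in indicators})
    return {
        # 2 = no site may show notifications; 3 = sites may ask (Chrome default).
        "DefaultNotificationsSetting": 2 if block_all_prompts else 3,
        # Per-site deny list; still effective when the default is left at "ask".
        "NotificationsBlockedForUrls": [f"[*.]{h}" for h in hosts],
        # A bare host in URLBlocklist blocks that domain and its subdomains.
        "URLBlocklist": hosts,
    }

if __name__ == "__main__":
    print(json.dumps(build_policy(DEFANGED), indent=2))
```

On Linux the resulting JSON is typically deployed as a file under `/etc/opt/chrome/policies/managed/`; on Windows and macOS the same policy names are set through Group Policy or a configuration profile.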
If your computer is already infected, we recommend running a scan with Combo Cleaner Antivirus for Windows to automatically eliminate all threats.
Text presented in "YOUR DEVICE MAY BE COMPROMISED" scam:
YOUR DEVICE MAY BE COMPROMISED!
Thursday 10 August 2023
WARNING! Malwares can potentially damage your
Users everywhere are vulnerable and susceptible to Malware attacks. One can be injected through Aggressive Ads, Hackers or Malicious Websites.
Immediate Action is recommended to PREVENT infecting your device which may leak your Personal Details, Passwords and Important Data.
You can solve this easily in just a few seconds.
Solution: Run the powerful and approved application to clear your phone from SPAM ads and block potential Malware with a few taps.
Clean my Device
Another example of a background used by "YOUR DEVICE MAY BE COMPROMISED" pop-up scam:
Text presented within:
4 September 2023
Alert: Your might be at risk!
We've found potential vulnerabilities on your device linked to unwanted software. Such intrusions can sometimes compromise data, including your social media details, messages, photos, and other sensitive information.
Protecting your device can be done in a few steps:
Step 1: Tap "Protect My Device" below, then consider our suggested protection app on the subsequent page.
Step 2: Use the trusted, Google Play-verified app to shield your device from intrusive ads and possible threats.
Protect My Device
Instant automatic malware removal:
Manual threat removal might be a lengthy and complicated process that requires advanced IT skills. Combo Cleaner is a professional automatic malware removal tool that is recommended to get rid of malware.
How to identify a pop-up scam?
Pop-up windows with various fake messages are a common type of lure that cybercriminals use. They collect sensitive personal data and trick Internet users into calling fake tech support numbers, subscribing to useless online services, investing in shady cryptocurrency schemes, etc.
While in the majority of cases these pop-ups don't infect users' devices with malware, they can cause direct monetary loss or could result in identity theft.
Cybercriminals strive to make their rogue pop-up windows look trustworthy; however, scams typically have the following characteristics:
- Spelling mistakes and non-professional images - Closely inspect the information displayed in a pop-up. Spelling mistakes and unprofessional images could be a sign of a scam.
- Sense of urgency - A countdown timer with a couple of minutes on it, asking you to enter your personal information or subscribe to some online service.
- Statements that you won something - A pop-up window stating that you won, even though you haven't participated in a lottery, online competition, etc.
- Computer or mobile device scan - A pop-up window that scans your device and informs you of detected issues is undoubtedly a scam; webpages cannot perform such actions.
- Exclusivity - Pop-up windows stating that only you are given secret access to a financial scheme that can quickly make you rich.
How do pop-up scams work?
Cybercriminals and deceptive marketers usually use various advertising networks, search engine poisoning techniques, and shady websites to generate traffic to their pop-ups. Users land on their online lures after clicking on fake download buttons, using a torrent website, or simply clicking on an Internet search engine result.
Based on users' location and device information, they are presented with a scam pop-up. Lures presented in such pop-ups range from get-rich-quick schemes to fake virus scans.
How to remove fake pop-ups?
In most cases, pop-up scams do not infect users' devices with malware. If you encountered a scam pop-up, simply closing it should be enough. In some cases, scam pop-ups may be hard to close; if so, close your Internet browser and restart it.
In extremely rare cases, you might need to reset your Internet browser. For this, use our instructions explaining how to reset Internet browser settings.
How to prevent fake pop-ups?
To prevent seeing pop-up scams, you should visit only reputable websites. Torrent, Crack, free online movie streaming, YouTube video download, and other websites of similar reputation commonly redirect Internet users to pop-up scams.
To minimize the risk of encountering pop-up scams, you should keep your Internet browsers up-to-date and use a reputable anti-malware application. For this purpose, we recommend Combo Cleaner Antivirus for Windows.
What to do if you fell for a pop-up scam?
This depends on the type of scam that you fell for. Most commonly, pop-up scams try to trick users into sending money, giving away personal information, or giving access to one's device.
- If you sent money to scammers: You should contact your financial institution and explain that you were scammed. If informed promptly, there's a chance to get your money back.
- If you gave away your personal information: You should change your passwords and enable two-factor authentication in all online services that you use. Visit the Federal Trade Commission to report identity theft and get personalized recovery steps.
- If you let scammers connect to your device: You should scan your computer with reputable anti-malware (we recommend Combo Cleaner Antivirus for Windows). Cyber criminals could have planted trojans, keyloggers, and other malware, so don't use your computer until possible threats have been removed.
- Help other Internet users: Report Internet scams to the Federal Trade Commission.
Frequently Asked Questions (FAQ)
What is a pop-up scam?
Basically, pop-up scams are deceptive messages designed to trick users into performing specific actions. Victims can be lured into making monetary transactions, disclosing private information, calling fake support lines, downloading/installing software, purchasing products, subscribing to services, and so on.
What is the purpose of a pop-up scam?
Pop-up scams aim to generate revenue at victims' expense. Cyber criminals predominantly profit by obtaining funds through deception, selling or abusing sensitive information, promoting content, or proliferating malware.
Why do I encounter fake pop-ups?
Pop-up scams are run on deceptive webpages that are rarely accessed intentionally. Most visitors enter them via redirects generated by sites using rogue advertising networks, misspelled URLs, spam browser notifications, intrusive ads, or installed adware.
Will Combo Cleaner protect me from pop-up scams?
Combo Cleaner can scan visited sites and detect rogue, deceptive/scam, and malicious ones. Therefore, should you enter such a page, you will be warned immediately, and further access to it will be blocked.