What kind of scam is "Google Safe Browser Total Protection"?
Our researchers discovered the "Google Safe Browser Total Protection" scam while reviewing deceptive websites. Presented as a browser security tool from Google, the scheme "detects" various threats on users' devices.
It must be stressed that all the information provided by this scam is false, and it is in no way associated with Google or any of its products or services.
"Google Safe Browser Total Protection" scam overview
When a site promoting this scam is entered, the visitor is presented with a fake system scan. It detects several viruses and adware on their device. Afterward, the scam displays a pop-up detailing the nonexistent issues and the potential dangers they pose.
As mentioned in the introduction, all the claims made by "Google Safe Browser Total Protection" are false, and this scam is not associated with Google or any of its products/services. Keep in mind that no website can perform system scans and/or detect threats/issues on visitors' devices.
In most cases, deceptive content of this kind is used to promote untrustworthy/harmful software under the guise of genuine security tools. For example, the scam may push fake anti-viruses, adware, browser hijackers, and various PUAs. We have even found instances where this type of scheme was used to proliferate trojans, ransomware, and other malware.
It is pertinent to mention that such scams might redirect users to the official websites of genuine products or services. In these instances, scammers seek to acquire illegitimate commissions for the promotion by abusing the content's affiliate programs.
It is worth noting that, at the time of research, the page running "Google Safe Browser Total Protection" requested permission to deliver browser notifications. These advertisements primarily endorse online scams, unreliable/hazardous software, and even malware.
To summarize, by trusting a scam like "Google Safe Browser Total Protection" – users may experience system infections, serious privacy issues, financial losses, and identity theft.
|Name||"Google Safe Browser Total Protection" pop-up|
|Threat Type||Phishing, Scam, Social Engineering, Fraud|
|Fake Claim||Multiple viruses and other threats have been detected on the user's device.|
|Detection Names (systemsecurity[.]click)||alphaMountain.ai (Suspicious), ESET (Suspicious), Full List Of Detections (VirusTotal)|
|Serving IP Address (systemsecurity[.]click)||188.8.131.52|
|Symptoms||Fake error messages, fake system warnings, pop-up errors, hoax computer scan.|
|Distribution methods||Compromised websites, rogue online pop-up ads, potentially unwanted applications.|
|Damage||Loss of sensitive private information, monetary loss, identity theft, possible malware infections.|
|Malware Removal (Windows)||
To eliminate possible malware infections, scan your computer with legitimate antivirus software. Our security researchers recommend using Combo Cleaner.
Similar scam examples
"CCleaner Total Protection", "Security Protection Center", "Avast - Your PC Is Infected With 5 Viruses!", "AVG Security", and "YOUR DEVICE MAY BE COMPROMISED" are just some examples of scams akin to "Google Safe Browser Total Protection" that we have analyzed recently.
Fake threat/error alerts are a common theme for online scams; however, they are not employed exclusively to promote software. This scam model is also used to lure victims into subscribing to bogus services, transferring money for fake products/services, calling fraudulent support lines, and so on.
Other deceptive claims are used to promote scams as well. The Internet is rife with fraudulent and malicious content. Therefore, we strongly advise being careful while browsing.
How did I open a scam website?
Deceptive pages can be force-opened when a site that uses rogue advertising networks is accessed. This type of website can also generate redirects to scam-promoting pages when hosted content is interacted with (e.g., clicking buttons, text input fields, ads, links, etc.).
Mistyping a site's URL can also result in a redirect to (or a redirection chain landing on) a scam webpage. Intrusive adverts and spam browser notifications endorse this content as well.
Adware installed on a device can display scam-endorsing advertisements and/or force-open websites running schemes. Another promoter is spam (e.g., emails, PMs/DMs, SMSes, forum/ social media posts, etc.).
How to avoid visiting scam websites?
We advise against using websites that offer pirated programs/media or other questionable services (e.g., Torrenting, illegal streaming/downloading, etc.), as these pages typically utilize rogue advertising networks.
Fake and dangerous online content usually appears legitimate and harmless, e.g., intrusive ads and spam browser notifications tend to look innocuous yet redirect to unreliable/deceptive websites.
To avoid receiving unwanted browser notifications – do not enable suspect sites to deliver them (i.e., do not click "Allow", "Allow Notifications", etc.). Instead, ignore or deny notification requests from such webpages (i.e., select "Block", "Block Notifications", etc.).
Additionally, pay attention to URLs and enter them with care. Exercise caution with incoming emails/messages, as attachments and links found in dubious mail can be harmful.
We also advise downloading only from official/trustworthy sources and treating installations with care (e.g., reading terms, using "Custom/Advanced" settings, and opting out of supplementary apps, extensions, etc.) – to prevent bundled/malicious content from infiltrating the device.
If your computer is already infected, we recommend running a scan with Combo Cleaner Antivirus for Windows to automatically eliminate all threats.
Screenshot of the "Google Safe Browser Total Protection" scam's pop-up:
Text presented in the "Google Safe Browser Total Protection" scam:
Google Safe Browser Total Protection
Scanning commonly infected areas and startup ./files...
Total items scanned: -
Total security risks detected;
1. Virus Win32/Hoax.Renos.HX Risk level: HIGH
2. Virus Trojan IRC/Backdoor.sd Risk level: HIGH
3. Adware Win32/Look2me.ab Risk level: Medium
4. Virus Trojan Key logger Risk level: HIGH
Total security risks resolved: 0
Total security risks requiring attention: 4
TROJAN_2023 and other viruses detected (5).
Scan results: 2023_TROJAN virus, password_SPY, AdSwitcher detected
- TROJAN found on this PC will most likely copy and delete all data from hard drives.
- Spyware will attempt to collect logins, passwords and banking details.
- Adware usually replaces search results with false and scammy websites.
It is highly recommended to use an antivirus immediately!
The appearance of "Google Safe Browser Total Protection" pop-up scam (GIF):
Screenshot of a notification (ad) displayed by the systemsecurity[.]click website:
Instant automatic malware removal:
Manual threat removal might be a lengthy and complicated process that requires advanced IT skills. Combo Cleaner is a professional automatic malware removal tool that is recommended to get rid of malware. Download it by clicking the button below:
- What is "Google Safe Browser Total Protection" pop-up?
- How to identify a pop-up scam?
- How do pop-up scams work?
- How to remove fake pop-ups?
- How to prevent fake pop-ups?
- What to do if you fell for a pop-up scam?
How to identify a pop-up scam?
Pop-up windows with various fake messages are a common type of lures cybercriminals use. They collect sensitive personal data, trick Internet users into calling fake tech support numbers, subscribe to useless online services, invest in shady cryptocurrency schemes, etc.
While in the majority of cases these pop-ups don't infect users' devices with malware, they can cause direct monetary loss or could result in identity theft.
Cybercriminals strive to create their rogue pop-up windows to look trustworthy, however, scams typically have the following characteristics:
- Spelling mistakes and non-professional images - Closely inspect the information displayed in a pop-up. Spelling mistakes and unprofessional images could be a sign of a scam.
- Sense of urgency - Countdown timer with a couple of minutes on it, asking you to enter your personal information or subscribe to some online service.
- Statements that you won something - If you haven't participated in a lottery, online competition, etc., and you see a pop-up window stating that you won.
- Computer or mobile device scan - A pop-up window that scans your device and informs of detected issues - is undoubtedly a scam; webpages cannot perform such actions.
- Exclusivity - Pop-up windows stating that only you are given secret access to a financial scheme that can quickly make you rich.
Example of a pop-up scam:
How do pop-up scams work?
Cybercriminals and deceptive marketers usually use various advertising networks, search engine poisoning techniques, and shady websites to generate traffic to their pop-ups. Users land on their online lures after clicking on fake download buttons, using a torrent website, or simply clicking on an Internet search engine result.
Based on users' location and device information, they are presented with a scam pop-up. Lures presented in such pop-ups range from get-rich-quick schemes to fake virus scans.
How to remove fake pop-ups?
In most cases, pop-up scams do not infect users' devices with malware. If you encountered a scam pop-up, simply closing it should be enough. In some cases scam, pop-ups may be hard to close; in such cases - close your Internet browser and restart it.
In extremely rare cases, you might need to reset your Internet browser. For this, use our instructions explaining how to reset Internet browser settings.
How to prevent fake pop-ups?
To prevent seeing pop-up scams, you should visit only reputable websites. Torrent, Crack, free online movie streaming, YouTube video download, and other websites of similar reputation commonly redirect Internet users to pop-up scams.
To minimize the risk of encountering pop-up scams, you should keep your Internet browsers up-to-date and use reputable anti-malware application. For this purpose, we recommend Combo Cleaner Antivirus for Windows.
What to do if you fell for a pop-up scam?
This depends on the type of scam that you fell for. Most commonly, pop-up scams try to trick users into sending money, giving away personal information, or giving access to one's device.
- If you sent money to scammers: You should contact your financial institution and explain that you were scammed. If informed promptly, there's a chance to get your money back.
- If you gave away your personal information: You should change your passwords and enable two-factor authentication in all online services that you use. Visit Federal Trade Commission to report identity theft and get personalized recovery steps.
- If you let scammers connect to your device: You should scan your computer with reputable anti-malware (we recommend Combo Cleaner Antivirus for Windows) - cyber criminals could have planted trojans, keyloggers, and other malware, don't use your computer until removing possible threats.
- Help other Internet users: report Internet scams to Federal Trade Commission.
Frequently Asked Questions (FAQ)
What is a pop-up scam?
Pop-up scams are deceptive messages designed to trick users into performing certain actions, e.g., making monetary transactions, disclosing private data, calling fake helplines, downloading/installing software, purchasing products, subscribing to services, and so forth.
What is the purpose of a pop-up scam?
The end goal of practically all scams is to generate revenue at victims' expense. Cyber criminals mainly profit by obtaining funds through deception, abusing or selling sensitive information, promoting content (e.g., sites, products, services, software, etc.), and proliferating malware.
Why do I encounter fake pop-ups?
Pop-up scams are promoted on deceptive pages. Most visitors access these websites via redirects caused by mistyped URLs, sites using rogue advertising networks, spam browser notifications, intrusive ads, or installed adware.
Will Combo Cleaner protect me from pop-up scams?
Combo Cleaner is designed to scan every single site you visit, and it can detect rogue, scam, and malicious ones. Should you enter such a webpage – you will be warned immediately, and further access to it will be blocked.