Tech support scams are not going anywhere any time soon. The number of fake pop ups and bogus 1-800 numbers keep popping all over the place.
This usually happens while you are browsing the web, or perhaps if you make a typo in a site’s name. This is a classic scare tactic with the goal of tricking you into calling for “tech support”.
Miscreants operating out of boiler rooms will impersonate Microsoft and ask you to pay hundreds of dollars for non-existent. Worse, they may hijack your PC and infect it with malware before running away.
The following screen will probably look familiar:
In an interesting twist first reported by How-To Geek, one such scammer is trying out a different scare tactic. Rather than direct victims to a phone number, it pushes a piece of software, which appears to be AdwCleaner.
It does so by using an iframe, a rather rudimentary way of prompting for a download.
<iframe src=”../get_file.php?owner=me” height=”1″ width=”1″>
The program turns out to be a rip-off of the real AdwCleaner, a completely free removal tool. When ran, it will detect fake infections and demand payment in order to remove them:
This program is completely bogus and does nothing. In fact, even if you pay for it and enter the license key, you get a message to download the real AdwCleaner (which the crook calls the ‘full version’)
Sadly, many people have fallen for this scam already as shown in this screenshot below. This is sort of a stats/payment dashboard that is actually publicly visible.
We can see interesting data points such as how many people ran the program, how many converted, etc.
As a rule of thumb, you should only download programs from their official website. It is also a good idea to scan a file before running it. Services such as VirusTotal can provide a second opinion by checking the file against multiple security products.
Malwarebytes Anti-Malware detects and removes this fraudulent piece of software as Trojan.FakeAdwareCleaner.A.
We also provide a manual removal guide in our forum (thanks Pieter Arntz).
For more information about tech support scams, please visit our scams resource page.
Special thanks to Stefan Dásic for reporting this scam.
good article
I wish there was a good way to make this sort of information accessible to non-technical computer users like my dad, my mom, my wife, and my daughter. But when they see the windows logo or the microsoft logo then they are likely to follow the instructions and get burned. I’ve told them all, you can’t reach for the credit card until you have talked to me about it.
Anybody ever heard of Crush Arcade? I have it on my computer and nothing finds it, not even yours…any clues?
This is just crap… I bet they run these for 6months then don’t pay any more attention to their own scams… just seem to keep being a pain but easiest way is just to ignore them 100% then they will stop doing the **** pop ups…. and find another way… *smile wrily* what next…. *Yawn*
I got one with a phone number , I called it & no one answered