Microsoft warns internet users for a new sophisticated scam that makes it appear that Microsoft alerts the user that his computer is infected with a virus and that a provided phone number has to be called to fix the issue. In reality the user calls phone scammers that pretend to be Microsoft employees.
The scam starts with a malicious advertisement that redirects users to a specially prepared website. This website will serve a popup stating the computer is blocked and that the user needs to call a phone number. To cause further panic an audio message plays that says, “Important security alert! Virus intrusions detected on your computer. Your personal data and system files may be at serious risk. All system resources are halted to prevent any damage. Please call customer service immediately to report these threats now.”
When users click the OK button on the popup, a new window loads with another popup, that again appears to be coming from Microsoft. When the user clicks OK on that popup a full screen image appears that should trick the user into thinking the Microsoft website is loaded. The fake Microsoft website again tries to convince the user to call a phone number which is managed by the scammers. When a victim calls the number the scammers will try to make him pay for all kinds of unnecessary services.
Microsoft advises internet users to prevent ending up on such scam sites by being more careful when browsing. “As much as you can, visit trusted websites only. Like most tech support scams, you are redirected to offending sites via malvertising (malicious ads). These ads are usually found in dubious websites, such as those hosting illegal copies of media and software, crack applications, and malware,” according to Microsoft’s Jonathan San Jose.
He adds that users on Edge are protected against known Microsoft scams thanks to the browser’s SmartScreen feature.