Windows Defender Scam

While surfing the web looking for a manual for my Artic Cat 400 ATV yesterday, clicked a link which looked legit & up popped a picture like this one but with some different ph- numbers ! It locked my computer & couldn't do anything ! So called the number he pretended to be from MS and gave me a bunch of instructions, got suspicious by the way he answered the phone ! Instructions: click the keys to bring up the "start" then the "Run" box, type in "iexplore www.tiny.cc/xev6t" (leaving off a digit for maybe anyone's safety here" which took me to Teamviewer to download & for me to give him my code & Id number !!
That's when i ended the call & started running some Malware scans ! Nothing found ! So be careful out there !
Chuck

Which browser were you using?

MS Edge used to allow sites to prevent the browser from closing. It took task manager to shut down the browser. Unfortunately, when the browser was relaunched, it opened the same tabs. I had to use a third party utility to clear the browser history.

Haven't had to do that in quite a while.

I'd be disappointed to learn that the bad guys can still do that.

bobkn, i was using Fire Fox but wheni finished typing the info into the "Run Box" it opened Edge & started to download Teamviewer then i stopped the dwnload !! I just got through with MS reporting this they were no help !!

Just so you can see they were a lot of help !

Malwarebytes browser guard Firefox add-on would probably help, for Edge need a Google account as can only get it from the Chrome store.

And i just got this email !! So i guess this is all there is to trying to report a Scam using MS product !! Maybe they will be on the lookout for others being scammed with this !!
Chuck

The reason i posted this is so some of you can see the process i went through & also how some scammers work & how they get you info ! In this case it was with "TeamViewer" ! Be Safe and use good common sense along with your Security !!
Chuck

flashh4 said:

The reason i posted this is so some of you can see the process i went through & also how some scammers work & how they get you info ! In this case it was with "TeamViewer" ! Be Safe and use good common sense along with your Security !!
Chuck

Click to expand...

Sound advice.

And thank you, for taking the time to put this on display, for the security of others.


Take care.

Thanks for the warning. Will be on the watch for anything like this.

flashh4 said:

And i just got this email !! So i guess this is all there is to trying to report a Scam using MS product !! Maybe they will be on the lookout for others being scammed with this !!
Chuck

Click to expand...

I'm not optimistic that Microsoft will take any action on this. There must be many scam sites, most of them beyond the reach of US law enforcement.

I haven't come across any scam sites that aggressive recently. The most common thing I get is a site telling me that Adobe Flash needs an update. As I have uninstalled Flash because it is a security nightmare, and few sites use it any more, I know not to click.

Thanks for the post. It's helpful to have reminders of how many predators are on the Web, waiting for their potential victims to make a small mistake.

Microsoft usual tactics are to go after the domains being used by scammers. There are lots of other scam scammers out there that that regularly try and take down the fake call centers.

But a note to the wise: Never, ever EVER click on a random link for tech support for a product when you're not on that product's page / domain. If you want tech support from Microsoft, go to the Microsoft website or can their publicly listed number.

This type of attack is geared toward people who make the mistake of thinking it is legitimate specifically because they've done a lot of work making it LOOK legitimate. Sure, Microsoft will advertise products, like hardware, Windows 11, etc. on other websites. But they are NOT going to advertise their tech support. Glad you were able to extricate yourself from this thus far. I suspect ther ewill be a few more repercussions before it's finally over. So stay frosty, and vigilant.

Safe DNS is basics these days, like Quad9 or NextDNS, it blocks botnets, malware payloads, phishing.
There also browser extensions like Bitdefender TrafficLight or Netcraft (specifically designed for those).