Get Started Book a Demo

Old Attacks Made New Again by Hackers Exploiting our Browsers and Our Fears

6th June 2023 | Advisory, Blog Old Attacks Made New Again by Hackers Exploiting our Browsers and Our Fears

Fake Windows Defender Warning Message

Attack Introduction:

This article sheds light on a very old attack method hackers have used that is once again making the rounds and tricking victims into paying for a virus’ removal.  CyberHoot has learned that hackers are displaying a Windows Defender Security Center pop-up (scam), which aims to deceive users into believing their computers are infected with malware. The scam prompts victims to call a fake technical support number, leading to potential financial loss and compromised security. This attack is quite similar to scams from the past. 

If you’re reading this page because you’ve got a warning like what’s shown above or below on your computer screen, please know that your computer and data are most likely still safe.  You have a nuisance you need to deal with to eliminate the frozen browser window, but it doesn’t mean your computer has been compromised.  Read on to learn what to do next.

Context of This Attack:

The Windows Defender Security Center pop-up scam is a variation of tech support scams that have been prevalent for years. These scams typically involve fraudulent pop-ups or phone calls claiming to be from reputable companies, urging users to take immediate action to resolve a non-existent issue.

The scammers exploit users’ fear and lack of technical knowledge to trick them into providing sensitive information or paying for unnecessary removal services. The key to not becoming a victim is to know when you’re facing an attack like this. We will show you how to determine if you’re under attack next.

Confirmation You Are Under This Attack:

To confirm if you are experiencing the Windows Defender Security Center pop-up scam, consider the following:

  1. Legitimate Alerts: Understand that Microsoft (and other tech companies) do not display unsolicited pop-ups demanding immediate action or personal information. Educate yourself about the legitimate alerts from the Windows Defender Security Center.

  2. Signs of Suspicious Behavior: Look for signs of suspicious behavior within the pop-up, such as grammatical errors, misspellings, or urgent demands. These indicators often reveal fraudulent attempts.

Fake Windows Defender Attack Pop-up

Protection from This and Similar Attacks:

To protect yourself from this scam, take the following actionable steps:

  1. Stay Educated: Familiarize yourself with legitimate alerts and warnings from the Microsoft’s Security Center. Microsoft does not use aggressive pop-ups or request personal information through such means.

  2. Close the Pop-Up: Use the task manager (accessible by clicking Control-Alt-Delete simultaneously) or close the browser window to terminate the scam pop-up. Refrain from clicking any links or providing personal or financial information.

  3. Update Software: Keep your Windows operating system and security software, such as Windows Defender, up to date. Regular updates help patch vulnerabilities and defend against evolving threats.

  4. Conduct a Full System Scan: Run a thorough scan of your system using reputable antivirus or anti-malware software. This scan will identify and remove any potential threats present on your computer.

  5. Enable Real-Time Protection: Ensure that Windows Security real-time protection feature is activated. Learn more about Windows security here. This proactive measure detects and prevents threats in real-time.

  6. Practice Safe Browsing: Exercise caution while browsing the internet. Avoid visiting suspicious websites, clicking on unknown links, or downloading files from untrustworthy sources. 

  7. Enable Firewall Protection: Activate the built-in firewall in Windows or use a reputable third-party firewall solution. Firewalls act as barriers against unauthorized access and can help prevent malicious software from entering your system.

  8. Regularly Back Up Data: Create backups of your important files and data on a consistent basis using a 3-2-1 Backup methodology. Utilize external storage devices or cloud-based services to ensure data recovery in case of a malware attack or system compromise.

Fake Windows Defender Attack Conclusions:

By following these actionable steps, you can protect yourself from falling victim to the Windows Defender Security Center pop-up scam.  This old scam has been recycled and used to attack unsuspecting victims.

Stay informed about the latest scams and threats in the cybersecurity landscape to enhance your overall security posture.

Secure your business with CyberHoot Today!!!


Sign Up Now

Watch this NBC Today video showing how they fell victim to this Scam attack on what they learned.

Sources: 

https://www.pcrisk.com/removal-guides/12537-windows-defender-security-center-pop-up-scam

Additional Reading: 

https://www.idstrong.com/sentinel/remove-fake-virus-alert/#

Latest Blogs

Stay sharp with the latest security insights

Discover and share the latest cybersecurity trends, tips and best practices – alongside new threats to watch out for.

Make Phishing Training Count with HootPhish
10th June 2025 | Blog

Make Phishing Training Count with HootPhish

Stop tricking employees. Start training them. Take Control of Your Security Awareness Training with a Platform...

Read more
Apple Alert: Critical AirPlay Vulnerabilities Expose Millions to Cyber Threats
15th May 2025 | Advisory, Blog

Apple Alert: Critical AirPlay Vulnerabilities Expose Millions to Cyber Threats

A recent discovery by cybersecurity firm Oligo Security has unveiled a series of critical vulnerabilities in...

Read more
CyberHoot Newsletter – May 2025
15th May 2025 | Blog, Newsletters

CyberHoot Newsletter – May 2025

Welcome to CyberHoot's May Newsletter! This month, we're spotlighting key developments in the cyber threat...

Read more
Get Started All Posts