I just encountered a very real-looking "Windows Defender Security Center" alert claiming my computer is infected with 5 viruses. It alleges that my "anti-virus software subscription has expired." I have Trend Micro Maximum Security and, checking with the main TM console, it has NOT expired.
My understanding is that activating TM automatically disables Windows Defender, and I have checked and WD says it is disabled.
What am I to make of this? I am very skeptical, to put it mildly.
I attach a screenshot of the alert screen. I have not clicked on the "Renew Now" button!
Grammatical errors are a common indicator of a fake.
Windows is NOT capitalized where it should be if it were legitimately from Microsoft/Windows Defender.
Likewise, exclamation points to heighten your anxiety is another reason to question it!!!!!!!!
You'd think they'd have these "warnings" proofread by a native English speaker with some sense of proper usage, but they never seem to get to that point.
I'm willing to be proven wrong here, but I've got major doubts.
That pop-up is for what's known as a Fake Anti-Virus Alert. It is an ad to goad the unsuspecting user into paying to remove the listed viruses. The only virus is that program that launches the pop-up alert. Malwarebytes will find and terminate it. You will need to reboot and scan again to get all of it out.
Mitch Drumm wrote:I wouldn't be amused that the paid version of Malwarebytes apparently did not prevent it.
Some variants of these fake AV alerts are well disguised. In fact, there is a new trick being employed by scammers using Desktop Notifications over the System Tray to peddle crapware and fake security programs. This may even be one of those.
Desktop notifications can be disabled in your browser. It is an advanced option. You normally see a pop-up requesting permission to show these notifications. You can disallow them on a one to one basis, or all at once.
If it is just a browser pop-over alert, it is driven by JavaScript. Disabling JavaScript with the NoScript Add-on puts the kibosh on that crap. Blocking JavaScript is also an option with the uBlock Origin Add-on.
Thanks, Wiz. I have rebooted and run both MBAM and Trend Micro scans, and both came up with 0 threats detected.
I looked into the settings in Firefox (my browser), and found options relating to what they call "Web Push" notifications. Is that what you're referring to as desktop notifications?
