This scam tricks you into buying fake tech support software

Scammers are using fake messages and a phony "Troubleshooter for Windows" app to get $25 from victims.

Abrar Al-Heeti Technology Reporter

Abrar Al-Heeti is a technology reporter for CNET, with an interest in phones, streaming, internet trends, entertainment, pop culture and digital accessibility. She's also worked for CNET's video, culture and news teams. She graduated with bachelor's and master's degrees in journalism from the University of Illinois at Urbana-Champaign. Though Illinois is home, she now loves San Francisco -- steep inclines and all.

Expertise Abrar has spent her career at CNET analyzing tech trends while also writing news, reviews and commentaries across mobile, streaming and online culture. Credentials

Named a Tech Media Trailblazer by the Consumer Technology Association in 2019, a winner of SPJ NorCal's Excellence in Journalism Awards in 2022 and has three times been a finalist in the LA Press Club's National Arts & Entertainment Journalism Awards.

See full bio

Abrar Al-Heeti

Dec. 1, 2017 6:48 a.m. PT

2 min read

Scammers are tricking victims into paying $25 for fake security software, ZDNet reports.

Hackers — Tech-support scammers are tricking victims into paying $25 for unnecessary security software.
Getty

The tech-support scammers use fake blue screen of death (BSOD) messages and a phony "Troubleshooter for Windows" application to try to sell a supposed Microsoft security product called "Windows Defender Essentials." The name sounds like two real Windows anti-malware applications: Windows Defender and Security Essentials.

Malwarebytes researcher Pieter Arntz said the Troubleshooter app is being distributed through a cracked software installer.

Instead of troubleshooting, the app states that "Windows has encountered an unexpected error" and the computer is "missing .dll registry files resulting in computer failure." Victims are encouraged to click "next" to diagnose and troubleshoot the issue.

Once the victim does that, they're led to a screen that lists false problems and says the troubleshoot couldn't fix the issue. But the message says it can be resolved by clicking a "Recommended" link to "Buy Windows Defender Essentials." Selecting this leads to a page that encourages victims to send $25 to the scammer's PayPal account.

A browser-based screen locker goes away after the money is paid.

"We can confirm this is a scam, and we recommend users follow advice on how to protect themselves against similar tech support scams in our April 3 and November 20 security blogs," a Microsoft representative said.

According to tech support site BleepingComputer, victims can "trick" the program into shutting down: once they reach the PayPal purchase screen, they can hit Ctrl+O to open a dialogue box, and then enter http://hitechnovation.com/thankyou.txt. This makes the program think they've paid the $25, and it shuts down.

Removal instructions for Troubleshooter are available on Malwarebytes.

Last week, Microsoft warned about a scam in which tech-support scammers trick users into calling a bogus hotline using click-to-call functionality in a website.

First published Nov. 30, 10:54 a.m. PT.
Update, Dec. 1 at 6:48 a.m. PT: Adds comment from Microsoft.

Special Reports: CNET's in-depth features in one place.

Technically Incorrect: Bringing you a fresh and irreverent take on tech.