Galaxy S23 Ultra First Look After Layoffs, Meta Focuses on 'Efficiency' Everything Samsung Revealed at Unpacked 'Angel Wings' for Satellites 'Shot on a Galaxy S23' GABA and Great Sleep Netflix's Password-Sharing Crackdown 12 Best Cardio Workouts
Want CNET to notify you of price drops and the latest stories?
No, thank you

This scam tricks you into buying fake tech support software

Scammers are using fake messages and a phony "Troubleshooter for Windows" app to get $25 from victims.

Scammers are tricking victims into paying $25 for fake security software, ZDNet reports.


Tech-support scammers are tricking victims into paying $25 for unnecessary security software.


The tech-support scammers use fake blue screen of death (BSOD) messages and a phony "Troubleshooter for Windows" application to try to sell a supposed Microsoft security product called "Windows Defender Essentials." The name sounds like two real Windows anti-malware applications: Windows Defender and Security Essentials.

Malwarebytes researcher Pieter Arntz said the Troubleshooter app is being distributed through a cracked software installer.

Instead of troubleshooting, the app states that "Windows has encountered an unexpected error" and the computer is "missing .dll registry files resulting in computer failure." Victims are encouraged to click "next" to diagnose and troubleshoot the issue.

Once the victim does that, they're led to a screen that lists false problems and says the troubleshoot couldn't fix the issue. But the message says it can be resolved by clicking a "Recommended" link to "Buy Windows Defender Essentials." Selecting this leads to a page that encourages victims to send $25 to the scammer's PayPal account.

A browser-based screen locker goes away after the money is paid.

"We can confirm this is a scam, and we recommend users follow advice on how to protect themselves against similar tech support scams in our April 3 and November 20 security blogs," a Microsoft representative said.

According to tech support site BleepingComputer, victims can "trick" the program into shutting down: once they reach the PayPal purchase screen, they can hit Ctrl+O to open a dialogue box, and then enter This makes the program think they've paid the $25, and it shuts down.

Removal instructions for Troubleshooter are available on Malwarebytes.  

Last week, Microsoft warned about a scam in which tech-support scammers trick users into calling a bogus hotline using click-to-call functionality in a website.   

First published Nov. 30, 10:54 a.m. PT.
Update, Dec. 1 at 6:48 a.m. PT: Adds comment from Microsoft. 

Special Reports: CNET's in-depth features in one place.

Technically Incorrect: Bringing you a fresh and irreverent take on tech.