There are some clever malware scams out there, but some are much sneakier than others. When it comes to stealing your information, online scammers have gotten really good. Even security experts and professionals who work with the internet are commonly tricked into downloading malware by mistake.
The newest security scam is really sneaky, and would fool even the most adept if they had not already been privy to the scheme. When we found out about it, we had to share it with you. And we encourage you to share this post on your social media. Knowledge is power.
Maybe together we can prevent more people from falling for this scam.
Here’s what happens
The scam starts with something that experienced Windows users refer to as the “BSOD” or “The Blue Screen of Death.” This is an old error screen that would display when one of the essential Windows files loaded improperly or became corrupt, and it is every Windows user’s worst nightmare.
The trick here is that this “blue screen of death” is not a real error. It is just an image being displayed on your screen.
But even savvy computer users have seen this error many times, and may be tempted to follow the instructions to fix the error.
The scam then provides the user an opportunity to download and install a list of “missing or corrupt .dll files” via something called “Windows Defender Essentials.”
This temporarily solves the problem (which doesn’t actually exist) and lets the user spend $25 to install a series of files that appear to fix a problem the user never really had.
Among these files are other malicious programs that continually display a fake troubleshooter and show you advertisements.
“Windows Defender Essentials” is an especially tricky name for a malware program because Windows actually makes two legitimate security programs with similar names. One is called Windows Defender, and the other is called Security Essentials.
Here’s the solution
Don’t fret if you experience this scam: there is a way around it, discovered by the security company Malwarebytes, which promptly released a fix for affected computers. First off, don’t spend the $25; there is no way to get it back if you do.
There is a way of tricking the malware into thinking that you have already paid, and it is relatively simple.
First, play along with the malware and visit the PayPal site as if you intend to throw away $25. When on the PayPal purchase screen, press Ctrl+O to open a dialog box that asks you what page you wish to open.
Enter the page name http://hitechnovation.com/thankyou.txt into the box. This will trick the malware into thinking that you paid for its service, but will not download any of the additional files.
Finally, to completely rid yourself of this malicious software, head over to the Malwarebytes website and run the free software they make to search for and remove all remnants of the malware that may be lingering on your machine.
Special thanks to Malwarebytes software engineer Djordje Lukic for discovering this scam software and helping to discover a fix.