'Google Security Warning' Scam
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Ranking: | 5,522 |
| Threat Level: | 20 % (Normal) |
| Infected Computers: | 2,728 |
| First Seen: | August 18, 2017 |
| Last Seen: | September 16, 2023 |
| OS(es) Affected: | Windows |
The 'Google Security Warning' scam revolves around the legitimate warnings shown to Google Chrome users when corrupted and untrusted sites are loaded in the browser. Con artists work with Web developers to publish pages that generate fake 'Google Security Warning' pop-ups and aim to direct the user to call a toll-free number and get help. However, the phone lines listed on the 'Google Security Warning' notifications are not operated by certified computer experts. In many cases, the variations of the 'Google Security Warning' scam are run by illicit companies in India that attempt to take advantage of inexperienced users who stumble upon the 'Google Security Warning' notifications. The Web pages that generate the fake 'Google Security Warning' messages feature a code dubbed 'a pop-up loop' that instructs the browser to keep the 'Google Security Warning' pop-up on the screen and prevent the user from leaving and switching tabs. That way, some users may believe the 'Google Security Warning' messages, which read:
'Firewall detecting "suspicious" incoming network connections, we
recommend that you click on "Back to Safety"
Your computer is blocked!
Call now 1800-239-102
Your computer with the IP address [YOUR IP] has been infected by the Trojans Because System Activation KEY
has expired & Your information (for example, passwords, messages, and credit cards) have been stolen. Call the
Windows Help Desk 1800-239-102 to protect your files and identity from further damage.
call Now: 1800-239-102'
Consequently, a call to 800-239-102, and other numbers advertised that way, would connect you to a con artist who will try to sell you a "Premium Technical Support" plan. Before you get to the marketing pitch, the con will try to connect to your machine using a remote desktop tool under the pretext that he/she needs to assess the situation on your end. If you grant remote access, the con artists are very likely to open the SysKey utility on Windows, lock your account and claim that you need to pay a few hundred dollars to have the system unlocked. The technical support agent would make excuses and say that a virus has locked you out, which can be removed with help from an expert that happens to be on your phone right now. Cyber security researchers recommend users surf the Internet using a trusted browser that has the latest updates to minimize the chances of opening a phishing page. AV engines that scan scripts on Web pages may bring up the following detection names in a warning box when you load the 'Google Security Warning' pop-ups:
- Ransom:JS/TechBrolo.A
- SupportScam:JS/TechBrolo.A
- SupportScam:MSIL/Hicurdismos.A
- Suspicious_GEN.F47V0429
- Trojan.FakeAlert!8.56B (topis)
- Trojan/Generic.ASVCS3S.448
- Win32.Trojan.Rassmd.Auto
Submit Comment
Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.