The Windowsauthenticationproblem.info domain is associated with cases of browser hijacking and phishing messages. Web surfers reported that they are redirected to Windowsauthenticationproblem.info and suggested to input their account ID and password occasionally. The design of Windowsauthenticationproblem.info is a clone of the legitimate support page for Microsoft Windows users found at Support.microsoft.com. The image loaded on Windowsauthenticationproblem.info is a screenshot of Support.microsoft.com that has been modified to include the 844-618-6816 phone number and direct users to call technical support immediately. Users are suggested that they will contact technical support assistants employed by Microsoft by calling the 844-618-6816 phone line. However, that is not true, and con artists operate the 844-618-6816 phone line. Researchers reveal that Windowsauthenticationproblem.info is hosted on the 188.8.131.52 IP address and is part of a technical support tactic that runs on other pages as well. We can add the following sites:
- Sample 1:
- Sample 2:
- Sample 3:
User Name [text box]
Password [text box]'
'A Suspicious Activity Was Detected On Your Computer
Your Banking Details & Transactions May Be Compromised
YOUR TCP Connections May Be Tracked and Your Accounts
May Be Suspended To Prevent Damage
Your Financial Details May Be Stolen
Response is Required
Your Hard Disk May Have Trojan Virus! Please
Do Not Try to Fix Manually, It may Crash Your Data
Consequently, We are performing additional security checks
to verify system security.
Please Visit Your Nearest Windows Service Center
OR Call Help Desk
Customer Service: 1-844-618-6816 (TOLL-FREE)'
Suspicious activity of intrusions detected which are trying to
redirect you to an attack site.
This may happen due to obsolete virus protections.
To fix this issue please call certified network support engineers
at 1-844-618-6816 immediately. Please ensure you do not
restart your computer to prevent data loss.
WARNING Potential Threat Detected!
STOP: 0x00000000e2 (0x0000000000, 0x0000000000, 0x0000000000,
The network on which this computer is running may have
ADAWARE / SPYWARE VIRUS
Call 1-844-618-6816 immediately for assistance on how to remove the virus. The call is toll-free.'
Do not enter your account name and password in the fields provided by Windowsauthenticationproblem.info because you risk receiving a remote desktop request by a third party. Additionally, hackers can scan your IP address for open ports and initiate a brute force attack in some cases. It is not a good idea to call the 844-618-6816 phone line even if it is toll-free. Con artists may attempt to make you install a remote access tool and operate your PC. Needless to say, they may damage your data and cause your Windows to behave oddly, in which case you might consider subscribing to technical support services. That is what the fake support agents are after, and you should avoid following their instructions. The best way to protect your PC from unauthorized access is to keep your OS up-to-date, install a trusted anti-malware shield and make sure you are running the latest version of your Internet client.