'Your Windows computer is at High Risk' Pop-Ups
The 'Your Windows computer is at High Risk' pop-ups have been reported by users that saw it on their desktops and mobile devices. The 'Your Windows computer is at High Risk' pop-up windows appear to scare users with alarming messages, which suggest the device is compromised and a particular security software should be installed if you don't want your files to be deleted. As you can imagine, nobody would want to miss a major security update and have his files removed as a consequence. However, the 'Your Windows computer is at High Risk' notifications are not used by any legitimate security vendor to release software updates and offer help to users. The 'Your Windows computer is at High Risk' notifications are phishing messages hosted on newly registered pages, which aim to lead the user into installing a potentially unsafe program. PC and mobile users might experience the 'Your Windows computer is at High Risk' when they load an untrusted page. We have found that the 'Your Windows computer is at High Risk' alerts are presented to users who load resources from the 8.36.44.186 IP address. The phishing notifications in question may feature the title 'Your Windows computer is at High Risk' and 'WINDOWS ALERT,' as well as come in various languages such as English, French, German, Spanish, Russian, Chinese and Japanese. We have seen the 'Your Windows computer is at High Risk' messages offer the following text:
'Your Windows is not activated.
You need to activate your Windows Updates.
System: [YOUR WINDOWS VERSION]
IP: [YOUR REAL IP ADDRESS]
Please note: Windows security has detected that the system
is corrupted. All system files will be deleted after [COUNTDOWN TIMER STARTS WITH 227 SECONDS]
Required: please click the button below to "Update" the
latest software, scan your system and prevent your files being deleted.
[Update|button]'
As mentioned above, the 'Your Windows computer is at High Risk'/'WINDOWS ALERT' pop-ups are registered to load content from the 8.36.44.186 IP address. Web filtering services, AV companies, and major Internet browser developers are partnering in an effort to block access to insecure pages and known infection sources. It is recommended that PC users make sure their Internet client is up-to-date and they are using a reliable anti-malware shield. The following domains are reported to feature content associated with the 'Your Windows computer is at High Risk':
- winshield[.]today/pccare/en/232/index.html
verifiedcoy[.]com - winsecure[.]life/en/index2.html
- winshield6[.]site
- mobilescan[.]online
- mobileshieldmax[.]press/whatsa/tr/1862/index.html
- authorizedwinner[.]com/luckytoday/winner/es/438/
- mobileprotect1[.]online
- maxis-mobile[.]solutions
Submit Comment
Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.