Avoid getting scammed by sites showing a "Windows Firewall Warning Alert"
Written by Tomas Meskauskas on (updated)
What is "Windows Firewall Warning Alert"?
"Windows Firewall Warning Alert" is a fake error message displayed by malicious websites. Research shows that, in most cases, users visit this site inadvertently - they are redirected by Potentially Unwanted Applications (PUAs) that infiltrate systems without permission. In addition to causing redirects, PUAs deliver intrusive advertisements, gather sensitive information, and sometimes misuse system resources to run unwanted processes.
"Windows Firewall Warning Alert" scam overview
The "Windows Firewall Warning Alert" error claims that the system has detected spyware that poses a threat to confidential data (logins, passwords, banking information, etc.) Therefore, users are encouraged to immediately contact "technical engineers" via a telephone number ["+1 (866) 475-7161"] provided.
These people then supposedly guide victims through the malware removal process. In fact, the "Windows Firewall Warning Alert" error is fake and a scam. Cyber criminals claim to be certified technicians and offer technical support (which is not needed) for a certain fee. All claims regarding computer infections are false.
In addition, criminals often attempt to gain remote access to users' computer. Once connected, they stealthily modify system settings and install malware. They then claim to detect additional issues and offer further help for an extra fee. In any case, never attempt to contact these people - the "Windows Firewall Warning Alert" error should be ignored.
It can be removed simply by closing the web browser (preferably, via Task Manager) or rebooting the system (some malicious sites employ scripts that prevent users from closing the browser). Note that after re-running the browser, you should never click "Restore Previous Session" (or similar), otherwise you will return to the malicious website.
As mentioned above, potentially unwanted applications generate various intrusive ads (coupons, banners, pop-ups, etc.) that conceal underlying content, thereby significantly diminishing the browsing experience. Furthermore intrusive advertisements might lead to malicious websites and/or even run scripts that download/install malware.
Therefore, even a single click can result in high-risk computer infections. Another downside is information tracking. Bear in mind that unwanted apps continually gather IP addresses, URLs visited, search queries, keystrokes, geo-locations, and other information that is likely to contain personal details.
Developers sell the information to third parties (potentially, cyber criminals) who misuse it to generate revenue. This behavior can lead to serious privacy issues or even identity theft.
Some potentially unwanted applications are also designed to misuse system resources to run unnecessary processes (e.g., to mine cryptocurrencies). In doing so, PUAs significantly diminish overall system performance. You are strongly advised to eliminate all unwanted programs immediately.
Name | "Windows Firewall Warning Alert" virus |
Threat Type | Phishing, Scam, Social Engineering, Fraud |
Fake Claim | The message claims that the system is damaged/infected and encourages users to contact fake tech support. |
Tech Support Scammer Phone Number | +1-844-284-9696, +1-866-475-7161, +1-888-378-0188, +1-888-224-2505, +1-888-393-9323 |
Related Domains | findmyloveline[.]com |
Detection Names (findmyloveline[.]com) | Fortinet (Phishing), Sophos (Malware), Full List Of Detections (VirusTotal) |
Serving IP Address (findmyloveline[.]com) | 198.54.115.71, +1(877)524-9012 |
Symptoms | Fake error messages, fake system warnings, pop-up errors, hoax computer scan. |
Distribution methods | Compromised websites, rogue online pop-up ads, potentially unwanted applications. |
Damage | Loss of sensitive private information, monetary loss, identity theft, possible malware infections. |
Malware Removal (Windows) | To eliminate possible malware infections, scan your computer with legitimate antivirus software. Our security researchers recommend using Combo Cleaner. |
Technical support scam examples
There are many fake errors such as "Windows Firewall Warning Alert"; Error 268D3-XC00037, Microsoft System Security Alert, and Your Device Is Under Threat are just some examples. All claim that the system is infected, missing files, or damaged in other similar ways, however, these errors are designed only to extort money from unsuspecting users.
Potentially unwanted applications also share many similarities. By offering useful features, PUAs attempt to give the impression of legitimacy and trick users to install, however, rather than delivering any real value for regular users, they pose a direct threat to your privacy and Internet browsing safety.
How did potentially unwanted applications install on my computer?
Potentially unwanted apps are proliferated using intrusive advertisements and a deceptive marketing method called "bundling". Therefore, PUAs often infiltrate systems without express user consent. "Bundling" is stealth installation of third party applications with regular software/apps.
Developers are aware that many users rush download/installation processes. Therefore, "bundled" apps are hidden within "Custom/Advanced" options (or other sections) of these procedures. By skipping download/installation steps and clicking various dubious links/advertisements, users often expose their systems to risk of various infections.
How to avoid installation of potentially unwanted applications?
The key to computer safety is caution. Therefore, pay close attention when browsing the Internet and, especially when downloading/installing software. Bear in mind that criminals design intrusive ads to look legitimate.
Once clicked, however, they redirect to dubious sites (e.g., gambling, pornography, adult dating, etc.) If you experience these redirects, uninstall all suspicious applications and browser plug-ins.
Furthermore, carefully observe each window of the download/installation dialogs and opt-out of all additionally-included programs. Using a legitimate anti-virus/anti-spyware suite is also paramount.
Text presented in "Windows Firewall Warning Alert":
Windows Firewall Warning Alert
Malicious Spyware/Riskware Detected
Error #0x86672ee7
Please call us immediately at +1 (866) 475-7161
Do not ignore this critical alert.
If you close this page, your computer access will be disabled to prevent further damage to our network.
Your computer has alerted us that it has been infected with a Spyware and risk ware. The following information is being stolen...
Financial Data
Facebook Logins
Credit Card Details
Email Account Logins
Photos stored on this computer
You must contact us immediately so that our expert engineers can walk you through the removal process over the phone to protect your identity. Please call us within the next 5 minutes to prevent your computer from being disabled or from any information loss.
Operating System Windows
Browser Under Attack
IP Address Under Attack
Location Under Attack
Threat Level Very High
Another example of "Windows Firewall Warning Alert" pop-up scam:
Text presented within:
Pop-up in the front:
Windows Security
Google ChromeThat server also reports: " Your information is at a Serious risk.
Harmful malware infection Debug Malware error (code 0x80093acf). Call immediately to save Hard disk failure & Data loss. This Harmful malware is affecting your online information & can Track Financial Activity. @ +1-844-284-9696 TollFree".
Username
Password
[Ok] [Cancel]
Pop-up in the back:
VIRUS ALERT FROM MS-Windows
This computer is BLOCKEDDo not close this window and restart your computer
Your computer's registration key is Blocked.
Why we blocked your computer?
The window's registration key is illegal.
This window is using pirated software.
This window is sending virus over the internet.
This window is hacked or used from undefined location.
We block this computer for your security.
Contact MS-Windows helpline to reactivate your computer.
MS-Windows Security Tollfree:
+1-844-284-9696
Pop-up in the right-lower corner:
Windows Firewall Error
WARNING! 37 threats detected
Detected malicious programs can damage your computer and compromise your privacy.
It's strongly recommended to remove them immediately!
Potential risks: Infecting other computers on your network
Call-Helpline +1-844-284-9696 (TollFree)
[Continue unprotected] [Remove all threats now]
Background:
MS-Windows Security Tollfree:
+1-844-284-9696Enter MS-Windows registration key to unblock.
ENTER KEY: [Submit]
Windows Firewall Warning !!!Your Computer Detected Some Unwonted Activity.
This Will harm your computer data and track your financial activities
Kindly report this activity to +1-844-284-9696
[Chat Support] [Back to Safety]
Yet another example of Windows Firewall Warning Alert pop-up scam:
Another example of Windows Firewall Warning Alert pop-up scam:
Text presented within:
*** Microsoft-Windows-Firewall-Alert !!***
Why we blocked your computer?
Your System Detected Some Unusual Activity.
Call-Helpline +1-866-443-1118 (Toll Free)
Appearance of this scam variant (GIF):
Instant automatic malware removal:
Manual threat removal might be a lengthy and complicated process that requires advanced IT skills. Combo Cleaner is a professional automatic malware removal tool that is recommended to get rid of malware. Download it by clicking the button below:
▼ DOWNLOAD Combo Cleaner
By downloading any software listed on this website you agree to our Privacy Policy and Terms of Use. To use full-featured product, you have to purchase a license for Combo Cleaner. 7 days free trial available. Combo Cleaner is owned and operated by Rcs Lt, the parent company of PCRisk.com read more.
Quick menu:
- What is "Windows Firewall Warning Alert" virus?
- How to identify a pop-up scam?
- How do pop-up scams work?
- How to remove fake pop-ups?
- How to prevent fake pop-ups?
- What to do if you fell for a pop-up scam?
How to identify a pop-up scam?
Pop-up windows with various fake messages are a common type of lures cybercriminals use. They collect sensitive personal data, trick Internet users into calling fake tech support numbers, subscribe to useless online services, invest in shady cryptocurrency schemes, etc.
While in the majority of cases these pop-ups don't infect users' devices with malware, they can cause direct monetary loss or could result in identity theft.
Cybercriminals strive to create their rogue pop-up windows to look trustworthy, however, scams typically have the following characteristics:
- Spelling mistakes and non-professional images - Closely inspect the information displayed in a pop-up. Spelling mistakes and unprofessional images could be a sign of a scam.
- Sense of urgency - Countdown timer with a couple of minutes on it, asking you to enter your personal information or subscribe to some online service.
- Statements that you won something - If you haven't participated in a lottery, online competition, etc., and you see a pop-up window stating that you won.
- Computer or mobile device scan - A pop-up window that scans your device and informs of detected issues - is undoubtedly a scam; webpages cannot perform such actions.
- Exclusivity - Pop-up windows stating that only you are given secret access to a financial scheme that can quickly make you rich.
Example of a pop-up scam:
How do pop-up scams work?
Cybercriminals and deceptive marketers usually use various advertising networks, search engine poisoning techniques, and shady websites to generate traffic to their pop-ups. Users land on their online lures after clicking on fake download buttons, using a torrent website, or simply clicking on an Internet search engine result.
Based on users' location and device information, they are presented with a scam pop-up. Lures presented in such pop-ups range from get-rich-quick schemes to fake virus scans.
How to remove fake pop-ups?
In most cases, pop-up scams do not infect users' devices with malware. If you encountered a scam pop-up, simply closing it should be enough. In some cases scam, pop-ups may be hard to close; in such cases - close your Internet browser and restart it.
In extremely rare cases, you might need to reset your Internet browser. For this, use our instructions explaining how to reset Internet browser settings.
How to prevent fake pop-ups?
To prevent seeing pop-up scams, you should visit only reputable websites. Torrent, Crack, free online movie streaming, YouTube video download, and other websites of similar reputation commonly redirect Internet users to pop-up scams.
To minimize the risk of encountering pop-up scams, you should keep your Internet browsers up-to-date and use reputable anti-malware application. For this purpose, we recommend Combo Cleaner Antivirus for Windows.
What to do if you fell for a pop-up scam?
This depends on the type of scam that you fell for. Most commonly, pop-up scams try to trick users into sending money, giving away personal information, or giving access to one's device.
- If you sent money to scammers: You should contact your financial institution and explain that you were scammed. If informed promptly, there's a chance to get your money back.
- If you gave away your personal information: You should change your passwords and enable two-factor authentication in all online services that you use. Visit Federal Trade Commission to report identity theft and get personalized recovery steps.
- If you let scammers connect to your device: You should scan your computer with reputable anti-malware (we recommend Combo Cleaner Antivirus for Windows) - cyber criminals could have planted trojans, keyloggers, and other malware, don't use your computer until removing possible threats.
- Help other Internet users: report Internet scams to Federal Trade Commission.
Frequently Asked Questions (FAQ)
What is an online scam?
Online scams are deceptive content promoted on various rogue websites. They are created to trick users into performing specific actions, e.g., calling fake helplines, downloading/installing untrustworthy or malicious software, disclosing sensitive information, etc.
What is the purpose of online scams?
Online scams can serve varied purposes like selling personal data revealed by victims, using sensitive user data for illegal purposes, promoting dubious software, distributing malware, and so on. In summary, scams are designed to generate revenue for the cyber criminals behind them.
Why do I encounter fake pop-ups?
Fake pop-ups and other scams are run on rogue sites, which are usually accessed unintentionally. Most users enter these pages via mistyped URLs or redirects caused by other suspect webpages, deceptive browser notifications/ intrusive ads, or installed untrustworthy/harmful software.
I have allowed cyber criminals to remotely access my computer, what should I do?
First, you have to disconnect your device from the Internet. Secondly, remove any remote access tools you've installed per the cyber criminals' request (e.g., TeamViewer, AnyDesk, etc.) - as they might not need your permission to reaccess the system. Lastly, use an anti-virus program to perform a full system scan and remove all detected threats.
I have provided my personal information when tricked by a scam, what should I do?
If you've disclosed personal information like ID card details, credit card numbers, or similar - contact relevant authorities without delay. And if the provided data was log-in credentials - change the passwords of all potentially compromised accounts and contact their official support.
Will Combo Cleaner protect me from online scams and the malware they proliferate?
Combo Cleaner is capable of scanning the sites you visit, and it can detect rogue/malicious ones (including those that promote scams). It can block all further access to such websites as well. Furthermore, Combo Cleaner can scan your computer and eliminate most of the known malware infections. It is noteworthy that performing a full system scan is crucial, as sophisticated malicious programs usually hide deep within systems.
▼ Show Discussion