Avoid getting scammed by a fake "VIRUS ALERT FROM MICROSOFT"
Written by Tomas Meskauskas on (updated)
What is "VIRUS ALERT FROM MICROSOFT"?
Displayed by a malicious website, "VIRUS ALERT TO MICROSOFT" is a fake error claiming that the system has detected suspicious activity. In most cases, users visit this website inadvertently - they are redirected by various potentially unwanted programs (PUAs) that infiltrate systems without permission.
As well as causing redirects, PUAs deliver intrusive advertisements, gather sensitive data, and sometimes misuse system resources to run unnecessary background processes.
"VIRUS ALERT FROM MICROSOFT" scam overview
The "VIRUS ALERT TO MICROSOFT" error states that the system is not legitimate, running pirated software, proliferating viruses over the Internet, and could potentially be hacked. For these reasons it must be blocked. To resolve these issues, users are encouraged to immediately contact Microsoft's tech support via a telephone number ("1-844-808-7462") provided.
Victims then supposedly receive help in resolving these issues. Be aware, however, that "VIRUS ALERT TO MICROSOFT" is a scam. It is fake and has nothing to do with Microsoft. In fact, cyber criminals generate revenue by claiming to be certified technicians and to trick users into paying for support that is not needed.
All aforementioned claims are false. In addition, criminals often demand remote access to victims' computers to change system settings and install malware. They then claim to "detect" additional issues and offer further help for extra fees. For these reasons, we strongly advise you to ignore the "VIRUS ALERT TO MICROSOFT" message and never call the telephone number.
This error can be removed simply by closing the web browser (preferably, using Task Manager) or rebooting the system (some websites employ scripts that prevent users from closing the browser). After re-running the browser, never restore the previous session, otherwise you will return to the malicious site.
Potentially unwanted programs are known to deliver coupon, banner, pop-up, and other similar ads. To achieve this, developers employ various tools (e.g., "virtual layer") that enable placement of third party graphical content on any site. Therefore, displayed ads often conceal visited website content, significantly diminishing the web browsing experience.
Furthermore, the ads might redirect to malicious sites and even run scripts that download/install malware. Therefore, even a single click can result in high-risk computer infections. Another downside is information tracking. Potentially unwanted programs gather various information that typically includes personal details.
Developers sell the collected data to third parties (cyber criminals) who misuse personal details to generate revenue. This behavior can lead to serious privacy issues. In addition, PUAs misuse system resources to mine cryptocurrencies or run other unwanted processes in the background.
By misusing resources without users' consent, PUAs significantly reduce overall system performance. For these reasons, all potentially unwanted programs must be uninstalled immediately.
Name | "VIRUS ALERT FROM MICROSOFT" virus |
Threat Type | Phishing, Scam, Social Engineering, Fraud |
Fake Claim | Scam states that users' devices are blocked due to presence of pirated software, virus infections, etc. |
Disguise | Scam is disguised as an alert from Microsoft. |
Tech Support Scammer Phone Number | 1-844-808-7462, +1-888-351-0479, +1-844-813-1513, +1-866-417-9111, +1-877-249-0169, +1-888-349-5007, etc. |
Related Domains | fiestafete[.]com, officemicrosoft2022[.]com |
Detection Names (fiestafete[.]com) | Fortinet (Malware), SCUMWARE.org (Malware), Sophos (Malware), alphaMountain.ai (Suspicious), Full List Of Detections (VirusTotal) |
Serving IP Address (fiestafete[.]com) | 184.168.221.91 |
Symptoms | Fake error messages, fake system warnings, pop-up errors, hoax computer scan. |
Distribution methods | Compromised websites, rogue online pop-up ads, potentially unwanted applications. |
Damage | Loss of sensitive private information, monetary loss, identity theft, possible malware infections. |
Malware Removal (Windows) | To eliminate possible malware infections, scan your computer with legitimate antivirus software. Our security researchers recommend using Combo Cleaner. |
Technical support scam examples
"VIRUS ALERT FROM MICROSOFT" is virtually identical to Firefox Requires A Manual Update, CRITICAL ALERT FROM MICROSOFT, Windows Firewall Warning Alert, and many others. All state that the system is damaged/corrupted, however, these claims are merely attempts to extort money from unsuspecting users.
Most PUAs share many similarities. By offering various 'useful features', they attempt to give the impression of legitimacy, however, PUAs are designed only to generate revenue for the developers and deliver no real value for regular users.
How did potentially unwanted programs install on my computer?
As mentioned above, PUAs usually infiltrate systems without permission due to the lack of knowledge and careless behavior of many users. Developers proliferate PUAs using a deceptive marketing method called "bundling" and intrusive advertisements. "Bundling" is stealth installation of unwanted programs with regular software/apps.
Developers do not disclose installation of "bundled" software properly - they hide PUAs within various sections (in most cases, "Advanced/Custom" settings) of the download/installation processes. Many users rush these procedures, skip steps, and click advertisements. This behavior often leads to inadvertent installation of potentially unwanted programs.
How to avoid installation of potentially unwanted applications?
The key to computer safety is caution. Therefore, pay close attention when browsing the Internet and, especially when downloading/installing software. Bear in mind that intrusive ads look legitimate, but once clicked, redirect to gambling, adult dating, pornography, and other dubious sites.
If you experience these ads, immediately remove all dubious applications and browser plug-ins. Carefully analyze each window of the download/installation dialogs using the "Custom" or "Advanced" settings. Opt-out of all additionally-included programs and decline offers to download/install them.
Avoid using third party downloaders/installers, since criminals use them to promote rogue apps ("bundling" method). Software should be downloaded from official sources only, using a direct download link.
Text presented in "VIRUS ALERT FROM MICROSOFT" pop-up:
VIRUS ALERT FROM MICROSOFT
This computer is BLOCKED
Do not shut down Your Computer and restart your computer
Your computer's registration key is Blocked.
Why we blocked your computer?
Your Computer's registration key is illegal.
Your Computer is using pirated software.
Your Computer is sending virus over the internet.
Your Computer is hacked or used from undefined location.
We block this computer for your security.
Contact Microsoft helpline to reactivate your computer.
Text presented in the malicious website:
Your Computer is permanently blocked. Call Support at 1-844-808-7462
System Security Alert
Your information (for example, passwords, messages and credit cards) are been extracted from your Device. Call Microsoft
at 1-844-808-7462 to protect your files and identity from misuse, Please do not try to close this page or your Device will be disabled to
protect your data. Call Microsoft At Toll Free 1-844-808-7462
Another variant of "Virus Alert from Microsoft" tech support pop-up scam (tech support scammers are using +1-888-351-0479 phone number):
Appearance of this variant (GIF):
Another variant of "VIRUS ALERT FROM MICROSOFT" pop-up scam (cyber criminals are using "+1-844-813-1513" phone number):
Appearance of this pop-up (GIF):
Another variant of this pop-up (GIF) (crooks are using "+1-866-417-9111" telephone number):
Another variant of "VIRUS ALERT FROM MICROSOFT" pop-up scam:
Text presented within:
Microsoft Security Tollfree:
+1-877-249-0169
Prevent this page from creating additional dialogues.
Enter Microsoft registration key to unblock.
Microsoft Support Alert
Your System Detect Some Unusual Activity
It might harm your computer data and track your financial activities.
Please report this activity to +1-877-249-0169VIRUS ALERT FROM MICROSOFT
This computer is BLOCKED
Do not close this window and restart your computer
Your computer's registration key is Blocked.
Why we blocked your computer?The window's registration key is illegal.
This window is using pirated software.
This window is sending virus over the internet
This window is hacked or used from undefined location.
We block this computer for your security.
Contact microsoft helpline to reactivate your computer.
Yet another variant of "Virus Alert From Microsoft" pop-up scam:
Another variant of "VIRUS ALERT FROM MICROSOFT" pop-up scam:
Yet another example of VIRUS ALERT FROM MICROSOFT pop-up scam:
Text presented within:
VIRUS ALERT FROM MICROSOFT
This computer is BLOCKED
Do not close this window and restart your computer
Your computer's registration key is Blocked.
Why we blocked your computer?
This window's registration key is illegal.
This window is using pirated software.
This window is sending virus over the Internet.
This window is hacked or used from undefined location.
We block this computer for your security.
Contact Microsoft helpline to reactivate your computer.
Instant automatic malware removal:
Manual threat removal might be a lengthy and complicated process that requires advanced IT skills. Combo Cleaner is a professional automatic malware removal tool that is recommended to get rid of malware. Download it by clicking the button below:
▼ DOWNLOAD Combo Cleaner
By downloading any software listed on this website you agree to our Privacy Policy and Terms of Use. To use full-featured product, you have to purchase a license for Combo Cleaner. 7 days free trial available. Combo Cleaner is owned and operated by Rcs Lt, the parent company of PCRisk.com read more.
Quick menu:
- What is "VIRUS ALERT FROM MICROSOFT" virus?
- How to identify a pop-up scam?
- How do pop-up scams work?
- How to remove fake pop-ups?
- How to prevent fake pop-ups?
- What to do if you fell for a pop-up scam?
How to identify a pop-up scam?
Pop-up windows with various fake messages are a common type of lures cybercriminals use. They collect sensitive personal data, trick Internet users into calling fake tech support numbers, subscribe to useless online services, invest in shady cryptocurrency schemes, etc.
While in the majority of cases these pop-ups don't infect users' devices with malware, they can cause direct monetary loss or could result in identity theft.
Cybercriminals strive to create their rogue pop-up windows to look trustworthy, however, scams typically have the following characteristics:
- Spelling mistakes and non-professional images - Closely inspect the information displayed in a pop-up. Spelling mistakes and unprofessional images could be a sign of a scam.
- Sense of urgency - Countdown timer with a couple of minutes on it, asking you to enter your personal information or subscribe to some online service.
- Statements that you won something - If you haven't participated in a lottery, online competition, etc., and you see a pop-up window stating that you won.
- Computer or mobile device scan - A pop-up window that scans your device and informs of detected issues - is undoubtedly a scam; webpages cannot perform such actions.
- Exclusivity - Pop-up windows stating that only you are given secret access to a financial scheme that can quickly make you rich.
Example of a pop-up scam:
How do pop-up scams work?
Cybercriminals and deceptive marketers usually use various advertising networks, search engine poisoning techniques, and shady websites to generate traffic to their pop-ups. Users land on their online lures after clicking on fake download buttons, using a torrent website, or simply clicking on an Internet search engine result.
Based on users' location and device information, they are presented with a scam pop-up. Lures presented in such pop-ups range from get-rich-quick schemes to fake virus scans.
How to remove fake pop-ups?
In most cases, pop-up scams do not infect users' devices with malware. If you encountered a scam pop-up, simply closing it should be enough. In some cases scam, pop-ups may be hard to close; in such cases - close your Internet browser and restart it.
In extremely rare cases, you might need to reset your Internet browser. For this, use our instructions explaining how to reset Internet browser settings.
How to prevent fake pop-ups?
To prevent seeing pop-up scams, you should visit only reputable websites. Torrent, Crack, free online movie streaming, YouTube video download, and other websites of similar reputation commonly redirect Internet users to pop-up scams.
To minimize the risk of encountering pop-up scams, you should keep your Internet browsers up-to-date and use reputable anti-malware application. For this purpose, we recommend Combo Cleaner Antivirus for Windows.
What to do if you fell for a pop-up scam?
This depends on the type of scam that you fell for. Most commonly, pop-up scams try to trick users into sending money, giving away personal information, or giving access to one's device.
- If you sent money to scammers: You should contact your financial institution and explain that you were scammed. If informed promptly, there's a chance to get your money back.
- If you gave away your personal information: You should change your passwords and enable two-factor authentication in all online services that you use. Visit Federal Trade Commission to report identity theft and get personalized recovery steps.
- If you let scammers connect to your device: You should scan your computer with reputable anti-malware (we recommend Combo Cleaner Antivirus for Windows) - cyber criminals could have planted trojans, keyloggers, and other malware, don't use your computer until removing possible threats.
- Help other Internet users: report Internet scams to Federal Trade Commission.
Frequently Asked Questions (FAQ)
What is a pop-up scam?
It is a type of scam used to trick users into performing certain actions. Usually, it uses scare tactics for that (for example, it displays fake virus, error, or similar warnings).
What is the purpose of a pop-up scam?
Most scammers use it to trick unsuspecting users into providing credit card details, bank account numbers, or other personal information. Scammers also can use it to distribute malware.
Why do I encounter fake pop-ups?
The majority of pop-up scams are delivered through untrustworthy pages or applications. Users do not visit those pages (or install those applications) intentionally. Usually, the aforementioned pages get opened through sites using questionable advertising networks.
I have allowed cyber criminals to remotely access my computer, what should I do?
If you have allowed cyber criminals to remotely access your device, you must first disconnect it from the Internet. Afterwards, remove the remote access software that you were asked to install (e.g., AnyDesk, TeamViewer, etc.), as criminals may not need your consent to reconnect to the device again. Lastly, perform a full system scan with an anti-virus program and remove all detected threats.
I have provided my personal information when tricked by a pop-up scam, what should I do?
If you have provided account credentials - change the passwords/passphrases of all potentially exposed accounts and inform their official support without delay. And if the disclosed data was of a different personal nature (e.g., ID card details, credit card numbers, etc.) - immediately contact relevant authorities.
Will Combo Cleaner protect me from pop-up scams?
Combo Cleaner checks visited/opened pages and notifies users when it detects malware or other threats. This app is also capable of restricting access to untrustworthy pages.
▼ Show Discussion