Avoid getting scammed by websites stating "Your Security Is Not Up-To-Date"
Written by Tomas Meskauskas on (updated)
What kind of scam is "Your Security Is Not Up-To-Date"?
While investigating untrustworthy websites, our research team discovered the "Your Security Is Not Up-To-Date" technical support scam. It makes false claims regarding the visitor's computer being infected and the system being locked for security purposes. The goal is to trick the user into calling a fake support line – thus entangling them in an elaborate scheme.
"Your Security Is Not Up-To-Date" scam overview
When we entered a page running "Your Security Is Not Up-To-Date", we were presented with several pop-ups. The first window stated that the visitor's system security was outdated.
After this pop-up was closed, a second one was displayed. It speculated on the nonexistent threats and listed already compromised data – IP address, email, and banking credentials. The scam also name-dropped a legitimate anti-virus – Norton – and stated that this software had detected adware on the device six months prior. The pop-up urged the visitor to call the provided helpline and take immediate action to resolve these issues.
The last window to be displayed listed a software update error. It also urged to contact support and warned against turning off the computer since that may cause system crashes or damage the hard drive.
It is noteworthy that this scam's blue color palette mimics that of Windows. Additionally, the initial pop-up window includes a logo in its title bar, which resembles the one used by Windows.
It must be emphasized that all the information provided by this content is false, and this scam is in no way associated with Windows, Microsoft, Norton AntiVirus, Gen Digital, or any other legitimate products or entities.
How the scheme progresses once the user calls the bogus helpline can vary. Typically, tech support scammers request remote access to the victim's device. This can be achieved using legitimate programs like UltraViewer, TeamViewer, AnyDesk, or others.
Threats posed by tech support scammers
Regardless of how the scam operates, cyber criminals continue to pretend that they are "support", "expert technicians", "Microsoft-certified technicians", etc. Once connected, they can cause a wide variety of damage – disable or remove genuine security tools, install fake anti-viruses, obtain sensitive information, acquire funds, and even infect the system with actual malware (e.g., trojans, ransomware, cryptominers, etc.).
Targeted data predominantly includes: log-in credentials (e.g., emails, social networking/media, data storage, e-commerce, cryptocurrency wallets, online banking, etc.), personally identifiable details (e.g., ID card info, passport photos/scans, etc.), and finance-related information (e.g., banking account details, credit card numbers, etc.).
The victim can be tricked into disclosing information over the phone or entering it into phishing websites/files. Alternatively, scammers can use data-stealing malware for this purpose.
What is more, the "services" provided by cyber criminals tend to be exorbitantly priced. They also prefer difficult-to-trace methods for obtaining funds, as that decreases the chances of persecution and victims retrieving their money. For example, criminals can ask for cryptocurrencies, gift cards, pre-paid vouchers, or cash hidden in innocent-looking packages and shipped. It is pertinent to mention that successfully scammed victims are often targeted repeatedly.
To summarize, by trusting a scam like "Your Security Is Not Up-To-Date" – users may experience system infections, severe privacy issues, financial losses, and even identity theft.
What should I do if I encounter a POP-UP scam?
Should it be impossible to exit a scam page, end the browser's process by using Windows Task Manager. Keep in mind that restoring the previous browsing session when reaccessing the browser will reopen the deceptive website.
If you have allowed scammers to access your device remotely – you must first disconnect it from the Internet. Afterward, uninstall the remote access software that they used, as scammers may not need your consent to reconnect. Lastly, run a full system scan with an anti-virus and remove all detected threats.
If you suspect that your log-in credentials have been compromised – immediately change the passwords of all possibly exposed accounts and inform their official support. And if you've provided other private data to cyber criminals (e.g., ID card details, passport scans/photos, credit card numbers, etc.) – contact the corresponding authorities without delay.
Name | "Your Security Is Not Up-To-Date" tech support scam |
Threat Type | Phishing, Scam, Social Engineering, Fraud |
Fake Claim | The system is infected, security is outdated, and the device has been locked. |
Disguise | Microsoft Windows, Norton AntiVirus |
Tech Support Scammer Phone Number | +1 (805) 706 8248 |
Symptoms | Fake error messages, fake system warnings, pop-up errors, hoax computer scan. |
Distribution methods | Compromised websites, rogue online pop-up ads, potentially unwanted applications. |
Damage | Loss of sensitive private information, monetary loss, identity theft, possible malware infections. |
Malware Removal (Windows) | To eliminate possible malware infections, scan your computer with legitimate antivirus software. Our security researchers recommend using Combo Cleaner. |
Technical support scam examples
We have examined countless online scams; "Blocked Due To Illegal Activity By The State", "Operating System Blocked Due To Questionable Activity", and "Critical Error IP Threat Detected" are merely a couple examples of tech support scams.
While threat alerts and security issues are a common scam model, it is not the only one. Other popular themes include prizes and lotteries, cryptocurrency giveaways, lost packages and shipping mishaps, blackmail attempts over nonexistent material, and so forth.
We strongly recommend exercising caution while browsing since the Internet is rife with deceptive and malicious content.
How did I open a scam website?
Scam pages can be spontaneously force-opened when a website that uses rogue advertising networks is accessed. Additionally, rogue sites can generate redirects to such pages when hosted content is interacted with (e.g., clicking buttons, text input fields, links, etc.).
Mistyping a website's URL can result in a redirect (or a redirection chain leading) to a deceptive webpage. Spam browser notifications and intrusive advertisements push online scams as well.
Adware can also display scam-promoting ads and/or force-open sites running them. Spam in general (e.g., emails, PMs/DMs, SMSes, forum/ social media posts, etc.) is used to endorse scams.
How to avoid visiting scam websites?
It is essential to be vigilant while browsing since fraudulent and dangerous online content usually appears genuine and harmless. For example, spam browser notifications and intrusive adverts can look innocuous – yet redirect to highly questionable websites (e.g., scam-promoting, gambling, pornography, adult dating, etc.).
We advise against using sites that offer pirated software/media or other questionable services (e.g., Torrenting, illegal streaming/downloading, etc.), as these webpages are usually monetized via rogue advertising networks. Another recommendation is to pay attention to URLs and type them with care.
To avoid receiving undesirable browser notifications – do not permit suspicious pages to deliver them (i.e., do not click "Allow", "Allow Notifications", etc.). Instead, deny notification delivery from such webpages (i.e., press "Block", "Block Notifications", etc.) or ignore these requests altogether.
Furthermore, download only from official/verified sources and treat installations with caution (e.g., by reading terms, studying options, using "Custom/Advanced" settings, opting out of additions, etc.) – to avoid unintentionally allowing bundled/harmful content to infiltrate the system.
If your computer is already infected, we recommend running a scan with Combo Cleaner Antivirus for Windows to automatically eliminate all threats.
Text presented in the first pop-up displayed by "Your Security Is Not Up-To-Date" scam:
Security update
The system has identified that your security is not up-to-date
[UPDATE] [CANCEL]
Screenshot of the second pop-up window displayed by this scam:
Text presented in this pop-up:
Alert!
Your system has reported us that it has been infected by trojen or spyware. following data has been compromised
>Email security
>Bank credentianl
>IP address has been conflict
Norton has detected unwanted adware since last 6 months that can steal your data, online access password and personal identity
You need to take action immediately to prevent and fix security protection
Call customer support to report this threat and unlock the device.
Always take security protocol seriously.
Customer Support: +1 (805) 706 8248
Screenshot of the final pop-up window displayed by this scam:
Text presented in this pop-up:
Error updating software: #009292w099738H98
Avoid turning off the computer. It might damage the hard drive or cause a system crash.
Some features have been disabled for security reasons. Please get in touch with customer support.
The appearance of "Your Security Is Not Up-To-Date" pop-up scam (GIF):
Instant automatic malware removal:
Manual threat removal might be a lengthy and complicated process that requires advanced IT skills. Combo Cleaner is a professional automatic malware removal tool that is recommended to get rid of malware. Download it by clicking the button below:
▼ DOWNLOAD Combo Cleaner
By downloading any software listed on this website you agree to our Privacy Policy and Terms of Use. To use full-featured product, you have to purchase a license for Combo Cleaner. 7 days free trial available. Combo Cleaner is owned and operated by Rcs Lt, the parent company of PCRisk.com read more.
Quick menu:
- What is "Your Security Is Not Up-To-Date" tech support scam?
- How to identify a pop-up scam?
- How do pop-up scams work?
- How to remove fake pop-ups?
- How to prevent fake pop-ups?
- What to do if you fell for a pop-up scam?
How to identify a pop-up scam?
Pop-up windows with various fake messages are a common type of lures cybercriminals use. They collect sensitive personal data, trick Internet users into calling fake tech support numbers, subscribe to useless online services, invest in shady cryptocurrency schemes, etc.
While in the majority of cases these pop-ups don't infect users' devices with malware, they can cause direct monetary loss or could result in identity theft.
Cybercriminals strive to create their rogue pop-up windows to look trustworthy, however, scams typically have the following characteristics:
- Spelling mistakes and non-professional images - Closely inspect the information displayed in a pop-up. Spelling mistakes and unprofessional images could be a sign of a scam.
- Sense of urgency - Countdown timer with a couple of minutes on it, asking you to enter your personal information or subscribe to some online service.
- Statements that you won something - If you haven't participated in a lottery, online competition, etc., and you see a pop-up window stating that you won.
- Computer or mobile device scan - A pop-up window that scans your device and informs of detected issues - is undoubtedly a scam; webpages cannot perform such actions.
- Exclusivity - Pop-up windows stating that only you are given secret access to a financial scheme that can quickly make you rich.
Example of a pop-up scam:
How do pop-up scams work?
Cybercriminals and deceptive marketers usually use various advertising networks, search engine poisoning techniques, and shady websites to generate traffic to their pop-ups. Users land on their online lures after clicking on fake download buttons, using a torrent website, or simply clicking on an Internet search engine result.
Based on users' location and device information, they are presented with a scam pop-up. Lures presented in such pop-ups range from get-rich-quick schemes to fake virus scans.
How to remove fake pop-ups?
In most cases, pop-up scams do not infect users' devices with malware. If you encountered a scam pop-up, simply closing it should be enough. In some cases scam, pop-ups may be hard to close; in such cases - close your Internet browser and restart it.
In extremely rare cases, you might need to reset your Internet browser. For this, use our instructions explaining how to reset Internet browser settings.
How to prevent fake pop-ups?
To prevent seeing pop-up scams, you should visit only reputable websites. Torrent, Crack, free online movie streaming, YouTube video download, and other websites of similar reputation commonly redirect Internet users to pop-up scams.
To minimize the risk of encountering pop-up scams, you should keep your Internet browsers up-to-date and use reputable anti-malware application. For this purpose, we recommend Combo Cleaner Antivirus for Windows.
What to do if you fell for a pop-up scam?
This depends on the type of scam that you fell for. Most commonly, pop-up scams try to trick users into sending money, giving away personal information, or giving access to one's device.
- If you sent money to scammers: You should contact your financial institution and explain that you were scammed. If informed promptly, there's a chance to get your money back.
- If you gave away your personal information: You should change your passwords and enable two-factor authentication in all online services that you use. Visit Federal Trade Commission to report identity theft and get personalized recovery steps.
- If you let scammers connect to your device: You should scan your computer with reputable anti-malware (we recommend Combo Cleaner Antivirus for Windows) - cyber criminals could have planted trojans, keyloggers, and other malware, don't use your computer until removing possible threats.
- Help other Internet users: report Internet scams to Federal Trade Commission.
Frequently Asked Questions (FAQ)
What is a pop-up scam?
Pop-up scams are messages intended to deceive users into performing specific actions. For example, victims can be lured into making monetary transactions, disclosing private information, calling fake support lines, downloading/installing software, purchasing products, etc.
What is the purpose of a pop-up scam?
Pop-up scams are designed to generate revenue. Cyber criminals profit primarily by obtaining funds through deception, abusing or selling sensitive information, promoting content, and spreading malware.
Why do I encounter fake pop-ups?
Pop-up scams are promoted on deceptive pages. Users mainly access these sites via redirects generated by webpages utilizing rogue advertising networks, mistyped URLs, spam browser notifications, intrusive ads, or installed adware.
I cannot exit a scam page, how do I close it?
If you cannot close a deceptive page, end the browser's process using Windows Task Manager. When reaccessing the browser, do not restore the previous browsing session – since it contains the scam webpage, and it will be reopened, thus resuming the problem.
I have allowed cyber criminals to remotely access my computer, what should I do?
If you have permitted cyber criminals to access your device remotely – first, disconnect it from the Internet. Second, remove the remote access program that the criminals used (e.g., UltraViewer, TeamViewer, AnyDesk, etc.). Last, perform a complete system scan with an anti-virus and remove detected threats.
I have provided my personal information when tricked by a pop-up scam, what should I do?
If you have provided your account credentials – change the passwords of all potentially compromised accounts and inform their official support. And if the disclosed information was of a different personal nature (e.g., ID card details, passport scans/photos, credit card numbers, etc.) – contact the appropriate authorities without delay.
Will Combo Cleaner protect me from pop-up scams and the malware they proliferate?
Combo Cleaner is designed to scan systems and eliminate all manner of threats. It can detect when a rogue, deceptive, or malicious website is entered. Additionally, it can deny all further access to such sites. Combo Cleaner is also capable of detecting and eliminating practically all known malware infections. Keep in mind that since sophisticated malicious programs typically hide deep within systems – running a full system scan is paramount.
▼ Show Discussion