While investigating suspicious sites, our researchers discovered the "Online Internet Banking Security Center" technical support scam. It imitates the Microsoft website that warns visitors of a major security breach threatening their personal and banking information.

Schemes of this kind aim to deceive victims into calling fake helplines and having "expert technicians" fix the nonexistent issues.

"Online Internet Banking Security Center" scam overview

This scam appears as the Microsoft website overlaid with multiple pop-up windows. The topmost pop-up is titled "Online Internet Banking Security Center"; it alerts the visitor that five threats were detected on their device.

This security breach threatens the integrity of personal data, banking information, log-in credentials, and other vulnerable content saved on the computer. The user is urged to call the provided support line to address these threats.

It must be stressed that all information provided by this scheme is false, and it is not associated with the actual Microsoft Corporation or any of its products and services.

These scams can take place entirely over the phone, but more often than not – they involve remote access. The fake support can trick victims into allowing them to connect to their devices, typically by relying on legitimate remote access software like AnyDesk, UltraViewer, TeamViewer, or other programs.

The risks linked to tech support are incredibly varied and severe.

Threats posed by tech support scammers

While on call with scammers behind the "Online Internet Banking Security Center" scheme, victims may be deceived into making monetary transactions, disclosing sensitive data, downloading/installing malware, purchasing bogus products, etc.

Cyber criminals usually ask callers to permit them remote access to their computers. Once connected, scammers perform bogus threat removal and other "services".

However, what they can actually do is disable/remove genuine security tools, install fake anti-viruses, steal sensitive data, or infect the device with malware (e.g., trojans, ransomware, cryptominers, etc.).

Criminals primarily seek the following information – log-in credentials of various accounts (e.g., emails, social media, messengers, online banking, e-commerce, digital wallets, etc.), personally identifiable details, and finance-related data (e.g., banking account details, credit/debit card numbers, etc.). This information can be acquired over the phone, through phishing sites/files, or via data-stealing malware.

Furthermore, the "services" of these scammers can be exorbitantly priced. Scammers use difficult-to-trace methods to acquire funds, such as cash hidden in packages and shipped, gift cards, pre-paid vouchers, cryptocurrencies, and so on. These methods complicate or may even make successful prosecution and money retrieval impossible. What is more, victims who are scammed by these schemes are often targeted repeatedly.

In summary, by trusting a scam like "Online Internet Banking Security Center" – users can experience system infections, severe privacy issues, significant financial losses, and identity theft.

If you cannot close a deceptive webpage, end the browser's process using Task Manager. Remember that restoring the previous browsing session will reopen the scam page – hence, start a new one when reaccessing the browser.

Should you have permitted cyber criminals to access your device remotely, you must first disconnect it from the Internet. Afterward, uninstall the remote access program that the criminals used since they might not need your consent to reconnect. Lastly, run a full system scan with an anti-virus and remove all detected threats.

If you believe that your log-in credentials have been exposed – change the passwords of all potentially compromised accounts and inform their official support. And if you have disclosed your personally identifiable or finance-related information – contact the corresponding authorities without delay.

Threat Summary:

Name	"Online Internet Banking Security Center" tech support scam
Threat Type	Phishing, Scam, Social Engineering, Fraud
Fake Claim	Visitor's device is infected with five viruses/malware threatening their personal and financial data.
Disguise	Microsoft
Tech Support Scammer Phone Number	+1-855-518-2590
Related Domains	windows[.]net
Detection Names (windows[.]net)	Yandex Safebrowsing (Phishing), Full List Of Detections (VirusTotal)
Serving IP Address (windows[.]net)	20.60.153.134
Symptoms	Fake error messages, fake system warnings, pop-up errors, hoax computer scan.
Distribution methods	Compromised websites, rogue online pop-up ads, potentially unwanted applications.
Damage	Loss of sensitive private information, monetary loss, identity theft, possible malware infections.
Malware Removal (Mac)	To eliminate possible malware infections, scan your Mac with legitimate antivirus software. Our security researchers recommend using Combo Cleaner. To use full-featured product, you have to purchase a license for Combo Cleaner. Limited seven days free trial available. Combo Cleaner is owned and operated by Rcs Lt, the parent company of PCRisk.com read more.

Tech support scam examples

"Microsoft Detected A Unusual Application In Your System", "Temporary Files Deletion Have Started", "Error: Ox800VDS", and "Threat Detected: xxbc Detected" are merely some of our newest articles on technical support scams.

The Internet is rife with deceptive and malicious content. Various scans can be found online, and they use a broad range of lures to gain and subsequently abuse victims' trust. For example, these schemes can claim that users' computers are infected, essential software requires updates, critical services need renewal, companies of great renown are running product promotions, and so forth.

While online scams can be poorly put together and full of errors, they may also be competently crafted and even believably disguised as content associated with genuine entities (e.g., companies, organizations, institutions, authorities, etc.). Therefore, exercise caution while browsing.

How did I open a scam website?

Deceptive websites are commonly accessed via redirects generated by intrusive ads, sites using rogue advertising networks, mistyped URLs, and installed adware. Various types of spam (e.g., emails, SMSes, PMs/DMs, browser notifications, social media/ forum posts, etc.) are also used to promote online scams.

How to avoid visiting scam websites?

Caution is essential to online safety. Therefore, take note of URLs and type them carefully. Be wary of advertisements, and do not trust offers that sound too good to be true.

Additionally, be selective when allowing pages to deliver browser notifications; do not permit suspicious ones to display these ads, and instead ignore or deny such requests (i.e., press "Block", "Block Notifications", etc.).

Do not use sites offering pirated content or other questionable services (e.g., illegal streaming/downloading, Torrenting, etc.), as these webpages are typically monetized via rogue advertising networks. Be vigilant with incoming emails and other messages; do not open attachments or links found in dubious/irrelevant mail.

Download only from official/verified channels and treat installations with care (e.g., study terms and options, use "Custom/Advanced" settings, and opt out of additional apps, extensions, etc.) – to prevent bundled/hazardous software (like adware) from infiltrating the system.

If your computer is already infected, we recommend running a scan with Combo Cleaner Antivirus for macOS to automatically eliminate all threats.

Text presented in "Online Internet Banking Security Center" pop-up:

Online Internet Banking Security Center

(5) Virus/Malware infections have been detected on your device.
Address IP: -
Location: -
ISP: -

Your personal data, banking information and web login credentials saved on this PC are at risk due to a major security breach.
Contact Online Internet Banking Support: +1-855-518-2590 (Internet Banking Helpline)

Online Internet Banking
Leave Page Report an issue

The appearance of "Online Internet Banking Security Center" pop-up scam (GIF):

Instant automatic Mac malware removal: Manual threat removal might be a lengthy and complicated process that requires advanced IT skills. Combo Cleaner is a professional automatic malware removal tool that is recommended to get rid of Mac malware. Download it by clicking the button below:
By downloading any software listed on this website you agree to our Privacy Policy and Terms of Use. To use full-featured product, you have to purchase a license for Combo Cleaner. Limited seven days free trial available. Combo Cleaner is owned and operated by Rcs Lt, the parent company of PCRisk.com read more.

How to identify a pop-up scam?

Pop-up windows with various fake messages are a common type of lures cybercriminals use. They collect sensitive personal data, trick Internet users into calling fake tech support numbers, subscribe to useless online services, invest in shady cryptocurrency schemes, etc.

While in the majority of cases these pop-ups don't infect users' devices with malware, they can cause direct monetary loss or could result in identity theft.

Cybercriminals strive to create their rogue pop-up windows to look trustworthy, however, scams typically have the following characteristics:

• Spelling mistakes and non-professional images - Closely inspect the information displayed in a pop-up. Spelling mistakes and unprofessional images could be a sign of a scam.
• Sense of urgency - Countdown timer with a couple of minutes on it, asking you to enter your personal information or subscribe to some online service.
• Statements that you won something - If you haven't participated in a lottery, online competition, etc., and you see a pop-up window stating that you won.
• Computer or mobile device scan - A pop-up window that scans your device and informs of detected issues - is undoubtedly a scam; webpages cannot perform such actions.
• Exclusivity - Pop-up windows stating that only you are given secret access to a financial scheme that can quickly make you rich.

Example of a pop-up scam:

How do pop-up scams work?

Cybercriminals and deceptive marketers usually use various advertising networks, search engine poisoning techniques, and shady websites to generate traffic to their pop-ups. Users land on their online lures after clicking on fake download buttons, using a torrent website, or simply clicking on an Internet search engine result.

Based on users' location and device information, they are presented with a scam pop-up. Lures presented in such pop-ups range from get-rich-quick schemes to fake virus scans.

How to remove fake pop-ups?

In most cases, pop-up scams do not infect users' devices with malware. If you encountered a scam pop-up, simply closing it should be enough. In some cases scam, pop-ups may be hard to close; in such cases - close your Internet browser and restart it.

In extremely rare cases, you might need to reset your Internet browser. For this, use our instructions explaining how to reset Internet browser settings.

How to prevent fake pop-ups?

To prevent seeing pop-up scams, you should visit only reputable websites. Torrent, Crack, free online movie streaming, YouTube video download, and other websites of similar reputation commonly redirect Internet users to pop-up scams.

To minimize the risk of encountering pop-up scams, you should keep your Internet browsers up-to-date and use reputable anti-malware application. For this purpose, we recommend Combo Cleaner Antivirus for macOS.

What to do if you fell for a pop-up scam?

This depends on the type of scam that you fell for. Most commonly, pop-up scams try to trick users into sending money, giving away personal information, or giving access to one's device.

• If you sent money to scammers: You should contact your financial institution and explain that you were scammed. If informed promptly, there's a chance to get your money back.
• If you gave away your personal information: You should change your passwords and enable two-factor authentication in all online services that you use. Visit Federal Trade Commission to report identity theft and get personalized recovery steps.
• If you let scammers connect to your device: You should scan your computer with reputable anti-malware (we recommend Combo Cleaner Antivirus for macOS) - cyber criminals could have planted trojans, keyloggers, and other malware, don't use your computer until removing possible threats.
• Help other Internet users: report Internet scams to Federal Trade Commission.

Frequently Asked Questions (FAQ)

What is a pop-up scam?

Pop-up scams are deceptive messages that use pop-up windows; their purpose is to trick users into performing specific actions. To elaborate, victims can be deceived into calling fake support lines, allowing scammers to access devices remotely, providing sensitive information, downloading/installing software, sending money to criminals, purchasing products, subscribing to services, and so forth.

What is the purpose of a pop-up scam?

Pop-up scams aim to generate revenue at victims' expense. Cyber criminals primarily profit by acquiring funds through deception, endorsing content (e.g., websites, software, products, services, etc.), abusing/selling private information, and spreading malware.

Why do I encounter fake pop-ups?

Pop-up scams are most commonly endorsed via websites that utilize rogue advertising networks, intrusive ads (malvertising), spam (e.g., emails, DMs/PMs, SMSes, social media posts, browser notifications, etc.), misspelled URLs (typosquatting), and adware.

I cannot exit a scam page, how do I close it?

If you cannot exit a scam webpage – end the browser's process using Task Manager. When reaccessing the browser, do not restore the previous browsing session – as that will reopen the deceptive site.

I have allowed cyber criminals to remotely access my computer, what should I do?

If you have allowed cyber criminals to remotely access your computer – first, disconnect it from the Internet. Second, remove the remote access software that the criminals used (e.g., UltraViewer, TeamViewer, etc.), as they might not need your permission to reconnect. Lastly, perform a full system scan with an anti-virus and eliminate all detected threats.

I have provided my personal information when tricked by a pop-up scam, what should I do?

If you have provided your log-in credentials – change the passwords of all possibly exposed accounts and inform their official support without delay. However, if you have disclosed other private data (e.g., ID card details, passport photos/scans, credit/debit card numbers, etc.) – immediately contact the corresponding authorities.

Will Combo Cleaner protect me from pop-up scams and the malware they proliferate?

Combo Cleaner is designed to eliminate all types of threats. It can scan visited websites for deceptive and malicious content. Hence, should you happen upon such a webpage – you will be warned immediately, and further access to it will be blocked. Combo Cleaner is also capable of detecting and removing almost all known malware infections. Note that running a complete system scan is paramount since high-end malicious software typically hides deep within systems.