A fake installer for Microsoft's Security Essentials is roaming, and the company is warning its users to be extra careful when contacting the help centers.
Scammers are pretending to be Microsoft and are delivering a "severe" warning to users, followed by a fake blue screen of death or BSoD and an error message.
The fake crash is paired with a recommendation to call a 1-800 number that is falsely advertised as being the Microsoft support center.
The malware is dubbed Hicurdismos and it disables Task Manager, thus blocking users from terminating the fake BSoD.
Hicurdismos is a malicious, but clever way of luring younger users into tech support scams.
While the older variants of the scam involved direct calls to targets, recent schemes are tapping into online pop-up ads and false security warnings that direct people into contacting fake support centers.
Microsoft points out that its authentic error messages never include support contact details. Users will see QR codes on their BSoD screens, which they can scan and send to Microsoft for analysis. What is more, the company's Malware Protection Center blog post underlines that Microsoft never asks for payment for delivering tech support.
The company says that attackers are refining their methods and are tapping into social engineering tactics that are misleading users.
Security Essentials is the product that Microsoft deployed to combat malware since before Windows 7. It should be noted that both Windows 8 and Windows 10 come with Windows Defender pre-installed, which makes it pointless for users to install Security Essentials.
However, users of newer versions of Windows are still vulnerable to being tricked into installing the fake Security Essentials. If this comes to pass, they'll be met with a BSoD message that's virtually the same with the legitimate BSoD error message in Windows 8 and Windows 10. The only difference is that a suggested 1-800 number to call for help will be available in the fake message.
Microsoft further notes that the malware comes from a company pretending to be Bluesquarez LLC. After unsuspecting users install the recommended malware file, a castle icon that resembles Security Essentials' appears.
In the best case scenario, users will get a notification from Microsoft's SmartScreen, informing them that the software might be harmful. That happens because the the bogus Microsoft product does not have a Microsoft certificate.
The Windows developer recently issued a survey that shows some worrying facts: 50 percent of the respondents between 18 and 34 years were victims of tech support scams, an impact rate significantly higher than the one registered in users 35 or beyond.