Last night I had a quick conversation with some friends at the dojo. The conversation covered the topic of having to support friends and family's technical issues. The joke was the phone calls you get from parents, scared their computer is infected with a virus. If you use the web without ad blockers you no doubt have come across a site that creates a pop-up pretending to scan your computer for a virus.

As I surfed this weekend, one popped up. The ad pretends to be scanning your hard drive, complete with an animated GIF giving the appearance of work. They name their fake product Windows Defender Pro, playing off the name of the anti-virus software built into Windows. To the uninitiated this looks like a very real thing, but it's not. This is nothing but a scam. How do I know?

First, they use the Internet Explorer logo and I use Edge. They therefore are not smart enough to detect my browser correctly. They illegally use a trademarked logo in an effort to give their scam legitimacy.

I know Edge does not allow third-party plugins or ActiveX controls. By the way, this is a big security plus: no ActiveX controls or plugins. The very way legitimate third-party virus software works is via ActiveX. More on them in another post. Since a third-party application cannot execute in Edge, I know this is fake. There is no web standard allowing an application to do anything remotely close to scanning for viruses.

Windows Defender Pro Scam HTML

Because I am me and know how to check a page's markup and source code, I hit F12 and examined the markup. I could clearly see this is a web page, not an application. Notice the first content element is a series of images, one for each browser logo. Most have their style set to display:none, hiding them. As you will see next, the page does browser sniffing to display its best guess as to what browser you are using.

The page is pretty simple, complete with a fake progress bar and even an embedded sound. I never heard the sound because my speakers were muted.

At least they included their scripts at the bottom of the page. However, they are loading about 600kb of scripts and CSS they never use. So my web performance optimization mind gives them a big negative for doing this. After crafting something so clever, they make such a rookie mistake by including jQuery, jQueryUI and Bootstrap, none of which are used. So not only do they scare you, they cause you to spend money over your cellular connection, wasting your bandwidth!

Windows Defender Pro Scam JavaScript

How do I know they do not use those libraries? I looked at their JavaScript, a nice tight script I might add. Despite using eval, the script is a very impressive piece of work. It looks like it randomly selects a fake file to display as the problem or some other random scary message. In my case, '21 Malicious Virus'.
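The traits described above (hidden browser-logo images, user-agent sniffing, a fake progress bar, embedded sound, eval, scary virus wording and a phone number to call) can be turned into a simple triage check over a page's HTML. This is an added example, not code from the scam page or from this post; the indicator names, weights, threshold and both sample pages are assumptions constructed for illustration.

```javascript
// Added example: score a page's HTML against the fake-scan traits described in the post.
// Indicator names, weights and the threshold are assumptions, not a vetted rule set.
const INDICATORS = [
  { name: "hidden-browser-logos", weight: 2, // several logo <img> tags, most of them hidden
    test: h => (h.match(/<img\b[^>]*display\s*:\s*none[^>]*>/gi) || [])
      .filter(t => /chrome|firefox|edge|safari|opera|explorer/i.test(t)).length >= 2 },
  { name: "user-agent-sniffing", weight: 1, test: h => /navigator\.userAgent/i.test(h) },
  { name: "fake-progress-bar", weight: 1,
    test: h => /<progress\b|class\s*=\s*["'][^"']*progress/i.test(h) },
  { name: "autoplay-audio", weight: 2, test: h => /<audio\b[^>]*\bautoplay\b/i.test(h) },
  { name: "eval-in-script", weight: 1, test: h => /\beval\s*\(/.test(h) },
  { name: "scare-wording", weight: 2, // "scan" language plus a malware claim
    test: h => /\b(virus|infected|trojan|malicious)\b/i.test(h) && /\bscan(ning)?\b/i.test(h) },
  { name: "call-this-number", weight: 2, // "call ..." followed by a phone-shaped number
    test: h => /\bcall\b[^<]{0,80}\(?\d{3}\)?[\s.-]\d{3}[\s.-]\d{4}/i.test(h) },
];

// Returns the total weight, the names of matched indicators and a verdict.
function scoreScarewarePage(html) {
  const hits = INDICATORS.filter(i => i.test(html));
  const score = hits.reduce((sum, i) => sum + i.weight, 0);
  return { score, hits: hits.map(i => i.name), suspicious: score >= 5 };
}

// Constructed sample resembling the page described in the post (not its real markup).
const SAMPLE_SCAM = `
<div id="logos">
  <img src="explorer.png">
  <img src="chrome.png" style="display:none">
  <img src="firefox.png" style="display:none">
</div>
<div class="progress"><div class="bar"></div></div>
<audio src="alert.mp3" autoplay loop></audio>
<p>Scanning... 21 Malicious Virus found. Call support at (555) 010-0199</p>
<script>var ua = navigator.userAgent; eval("pick()");</script>`;

// Constructed benign page: a real progress bar and the word "antivirus" alone stay below threshold.
const SAMPLE_BENIGN = `
<h1>Upload status</h1>
<progress value="40" max="100"></progress>
<p>Your antivirus vendor publishes scan tips on its support site.</p>`;

console.log(scoreScarewarePage(SAMPLE_SCAM), scoreScarewarePage(SAMPLE_BENIGN));
```

No single indicator is conclusive on its own, which is why the benign page with a genuine progress bar scores low; it is the combination that marks the fake scanner.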

For the first second my mind worried before my logical side caught up and reminded me this is a scam. This is not the first time this pop-up occurred and no doubt millions of others have seen this scam before as well. I am betting a parent, aunt or uncle saw this scam and called you in a panic. Hopefully you told them to close the window and go on with their life because nothing is wrong. Unfortunately, enough people fall victim to this scam and call the phone number, handing over money they shouldn't and probably downloading some fake anti-virus software full of malicious code.

The next time you see this Windows Defender Pro Scam or similar scam, close the window. The only thing wrong is the ethics of this company. They are NOT scanning your computer for viruses. They are trolling the web to take your money.

