{"id":4220,"date":"2018-02-04T00:01:17","date_gmt":"2018-02-04T06:01:17","guid":{"rendered":"http:\/\/blog.zoha-islands.com\/?p=4220"},"modified":"2018-02-04T00:01:17","modified_gmt":"2018-02-04T06:01:17","slug":"microsoft-takes-on-the-scammers","status":"publish","type":"post","link":"https:\/\/zoha-islands.com\/blog\/microsoft-takes-on-the-scammers\/","title":{"rendered":"Microsoft Takes on the Scammers"},"content":{"rendered":"

Starting March 1, 2018, programs that attempt to coerce users into paying for dubious protection or PC performance \u201coptimization\u201d will be removed automatically by Microsoft Windows Defender Antivirus and other Microsoft security products. I can think of several rogues that will be hopefully out of business soon. Here’s what you need to know…<\/p>\n

Bringing Down the Hammer on Scammers<\/h2>\n

\"\"<\/h2>\n

Microsoft has announced they are taking aim against programs like TotalAV, ScanGuard, PC Protect, and other \u201cfree security\/performance checkup\u201d scams.. Hallelujah! These programs are legion on the Internet, and like the three named above, many are often owned by the same devious company. <\/span><\/span><\/p>\n

They dominate the top spots in search results by paying the most to place their ads there. (I wish Google would do more to police this.) Every day, thousands of people who are trying to find free help for real PC problems instead get sucked into vortexes of FUD – \u201cFear, Uncertainty, and Doubt\u201d – and jerked around in expensive circles by con artists who follow a time-tested formula:<\/div>\n
    \n
  1. Offer a free \u201ccheckup\u201d of a PC to find malware or causes of sluggish PC performance.<\/li>\n
  2. Display a spinning circle or \u201cPlease wait, finding problems that could cause disaster\u201d messages<\/li>\n
  3. Show the victim screen after screen of alarming \u201cwarnings\u201d about \u201cinfections\u201d and \u201cvulnerabilities\u201d that actually don\u2019t exist; the step above is just drama.<\/li>\n
  4. Pressure the victim to pay for the \u201cpremium\u201d version of the useless software, which does not exist.<\/li>\n
  5. If the victim buys, tell him the problem that doesn\u2019t exist is \u201cfixed\u201d but more problems remain.<\/li>\n
  6. Pressure the victim again for even more money for a bogus \u201cfix\u201d to problems that don\u2019t exist.<\/li>\n
  7. Repeat steps 5 & 6 as long as they work.
    \n

    Optimizing The Anti-Optimizer Strategy<\/h2>\n

    <\/span>Microsoft first set some mild standards for \u201ccleaner and optimizer\u201d programs in February, 2016. All such programs had to do was tell a user specifically what problems it proposed to fix, and the program got a pass from Microsoft security products. Look how well that “honor system” approach worked for everyone! But now, Microsoft is getting serious, and dropping the hammer on these scam programs. <\/span><\/p>\n

    Microsoft\u2019s evaluation criteria<\/a> is a document specifying unacceptable characteristics of programs scanned by Windows Defender and other Microsoft security programs. A new section spells out \u201cUnwanted behaviors: coercive messaging\u201d that will cause a program that exhibits it to be removed automatically from the user\u2019s machine. \"\"<\/p>\n

    Even when victims say, \u201cNo, I won\u2019t pay,\u201d a fake cleaner\/optimizer can still try to wring some money out of them by persuading or scaring them into answering a \u201cshort survey.\u201d Ostensibly, the victim\u2019s answers will only be used to help improve the \u201cfree\u201d program.<\/p>\n

    But the deeper a victim goes into such surveys, the more personal and sensitive the questions become. You can easily be suckered into giving up bits of personal data that enable identity thieves to figure out the answers to your \u201csecret\u201d password recovery questions, or the actual passwords that you use, or the name of your bank, and other tools of ID theft.<\/p>\n

    Microsoft\u2019s new \u201cunwanted behaviors\u201d include this sort of con, too. Programs that use such slimy tricks will be removed from PCs defended by Windows Defender beginning March 1.<\/p>\n

    Also on the \u201cunwanted behaviors\u201d list are programs that suggest they are the only way to fix a problem; programs that set a deadline for the user to take action; programs that require the victim to download a file (which is probably a Trojan or virus); or sign up for a newsletter (so your email address can be sold to spammers). Such programs will be deleted automatically starting March 1.<\/p>\n

    Have You Encountered Rogue Software?<\/h2>\n

    <\/h2>\n

    <\/h2>\n

    \"\"You can help in this fight against the scammers. If you encounter what you think may be rogue software, report the problem to Microsoft. You can anonymously submit a program<\/a> to Microsoft for analysis, and security researchers will analyze the file(s) to determine if they should be classified as malware. (Hmmm, this alone might be a good reason to download TotalAV.)<\/p>\n

    If you are running Windows 10, Windows Defender is included and enabled, unless you’ve installed a third-party security tool. I’ve been critical of Defender in the past, but it seems to have improved greatly, and has some compelling new features. (See UPDATE: Is Windows Defender Enough Security?<\/a>)<\/p>\n

    Microsoft’s announcement says that the “rogue removal” feature will be included in “Windows Defender and other Microsoft security products,” but they didn’t go into any detail about what those other products are, or if this protection will be extended beyond Windows 10. As more information becomes available, I’ll update you.<\/p>\n

    I applaud Microsoft for taking direct action to protect Windows users from one of the most widespread threats online. I just wish they\u2019d done it back in February, 2016, instead of setting easily circumvented, toothless rules.<\/p>\n

    Have A Great Week!<\/li>\n<\/ol>\n","protected":false},"excerpt":{"rendered":"

    Starting March 1, 2018, programs that attempt to coerce users into paying for dubious protection or PC performance \u201coptimization\u201d will be removed automatically by Microsoft Windows Defender Antivirus and other Microsoft security products. I can think of several rogues that will be hopefully out of business soon. Here’s what you need to know… Bringing Down … Continue reading →<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":4225,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[5],"tags":[],"_links":{"self":[{"href":"https:\/\/zoha-islands.com\/blog\/wp-json\/wp\/v2\/posts\/4220"}],"collection":[{"href":"https:\/\/zoha-islands.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zoha-islands.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zoha-islands.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/zoha-islands.com\/blog\/wp-json\/wp\/v2\/comments?post=4220"}],"version-history":[{"count":0,"href":"https:\/\/zoha-islands.com\/blog\/wp-json\/wp\/v2\/posts\/4220\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/zoha-islands.com\/blog\/wp-json\/wp\/v2\/media\/4225"}],"wp:attachment":[{"href":"https:\/\/zoha-islands.com\/blog\/wp-json\/wp\/v2\/media?parent=4220"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zoha-islands.com\/blog\/wp-json\/wp\/v2\/categories?post=4220"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zoha-islands.com\/blog\/wp-json\/wp\/v2\/tags?post=4220"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}