Windows 10 users are complaining of being targeted by fraudsters through in-app ads delivered through Microsoft’s own software.
The fraudulent apps are being delivered through native Windows 10 applications like the Microsoft News app, according to Windows-focused site Ghacks.
Much like online ads promoting tech-support scams, the in-app ads are using bogus system alerts to warn users of non-existent security threats and other issues.
The example Ghacks noticed claims that a PC is infected with multiple viruses and contains a warning that “personal and banking information is at risk”. The ad then encourages users to click a ‘Scan now’ button, which likely leads to a phishing page or will download unwanted software.
Other scam ads appearing in Microsoft apps claim that the viewer of the ad has won a new iPhone while other ads ask users to participate in a survey. Both types of fraudulent ads encourage the user to click the button and either give up their data or download unwanted software.
The fraudulent ads were first spotted by German Windows site Borncity. According to complaints on Microsoft’s answers site, the fraudulent ads are also coming through Microsoft Games.
A warning in German on Microsoft’s answers forum explains that “there is an increase in the number of malicious banner ads that open fraudulent web pages in the standard browser when starting or using apps on Windows 10”.
“These websites either promise winnings in a competition or threaten to infect your PC with viruses. Both are nonsense.”
Using ads with scary messages to convince victims to install malware is an old trick, but this case is notable since the scam ads are being delivered by Microsoft’s own ad-supported apps.
A Latvian national was jailed last year for a similar scam targeting users initially through a US news website. The ads led to fraudulent websites that would install scareware on victims’ computers, displaying fake Windows support pop-ups and messages aimed at convincing people to buy antivirus.
The fraudulent ads in this case aren’t examples of locally installed scareware, which Microsoft has attempted to address with a Windows Defender policy introduced last year to tackle free versions of program that claim to find errors on a computer and then scare victims into buying the premium version.
If the program uses alarming or coercive messages, Windows Defender classifies it as unwanted software and will remove it.
Tech-support scammers last year also flooded Microsoft’s TechNet portal with fraudulent pages to boost the chances of their scam ads appearing higher in search results on Google and Microsoft Bing.