Windows Defender will soon detect, remove cleaner scareware
The changes go into effect on March 1By Shawn Knight 16 comments
Microsoft is taking action against applications that use scare tactics to swindle money out of consumers.
From March 1, Windows Defender and other Microsoft security products will classify programs that display "coercive messages" as unwanted software. Upon detection, such programs will be removed from the user's system.
Odds are, you've seen these types of programs in practice. Typically advertised as free computer cleaners or optimizers, offending programs "scan" your computer for viruses or errors then use alarming, coercive messages designed to scare users into purchasing a premium version of the program to "fix" the fabricated issues.
In reality, it's little more than a scam to swindle money from frightened users. Often times, such programs are malware themselves.
Microsoft's beef with such programs is that they can pressure customers into making unnecessary purchase decisions. As such, they are updating their evaluation criteria to specify that programs must not use coercive or alarming messages that can pressure consumers into making a purchase or performing other actions.
Microsoft says software that coerces users may display the following characteristics, among others:
- Reports errors in an exaggerated or alarming manner about the user's system and requires the user to pay for fixing the errors or issues monetarily or by performing other actions such as taking a survey, downloading a file, signing up for a newsletter, etc.
- Suggests that no other actions will correct the reported errors or issues
- Requires the user to act within a limited period of time to get the purported issue resolved
The move is in addition to earlier steps Microsoft has taken to regulate cleaner and optimizer programs including requiring them to provide users with detailed information about what purportedly needs to be fixed following a scan.
Developers looking to validate the detection of their programs can do so via Microsoft's Windows Defender Security Intelligence portal.