Don't Fall For The "Security Protection Center" Malware Scam

The internet can be a dangerous place, filled with nefarious characters looking to take advantage of unsuspecting victims. One common scam making the rounds is the “Security Protection Center” pop-up scam. This deceptive pop-up uses fear and urgency to trick users into spending money on an unnecessary “antivirus” service.

This article contains:

Scam Overview

The “Security Protection Center” scam operates by redirecting web users to a fake website made to mimic an antivirus program. Upon landing on the malicious page, victims are confronted by an alarming pop-up filled with dire warnings about malware infecting their computer.

Security Protection Center

Network Security

Malware & Virus Issues found

Privacy Leakage Issues found

(28) security threats are detected!

Immediate action is required to avoid data leakage, network spoofing, phishing attacks, spyware and improper session handling.

Tap the button to subscribe the antivirus protection service on the next page for only $3.99/month, and activate it to remove all the security threats immediately. ***Exit at your own risk***

Tracking by 20+ unknown malwares and malicious codes.

10+ Malicious applications have been installed in background and hidden.

Fix Now

This fake pop-up is carefully crafted to instill fear and panic in order to get victims to react impulsively. Bold warnings of “28 security threats detected!” and “Immediate action required” put pressure on users to take swift action before their data is breached.

To eliminate the supposed threats, the page prompts victims to purchase an “antivirus protection service” subscription for $3.99 per month. This offering is completely bogus, yet the urgency and sophistication of the scam page tricks many users into handing over their money.

The criminals behind this racket exploit common anxieties over malware, phishing, and digital security in order to deceive their marks. By claiming the computer is riddled with privacy leaks, network spoofing, spyware, and other menaces, they play off of people’s lack of cybersecurity knowledge.

This con is especially devious because it combines manipulation of fears with high-pressure sales tactics. The repeated warnings to take immediate action “before it’s too late” coerce victims into making a hasty decision. This results in many people falling for the scam and signing up for a useless “antivirus” service without thinking it through.

The fake security software does not actually provide any protection benefits to the victims. Yet if users get duped into providing their credit card information, they get saddled with recurring monthly charges. They also run the risk of having their personal and financial data stolen by cybercriminals.

This troubling pop-up scam underscores the importance of thinking critically before clicking on anything inside your web browser. Savvy internet users need to be on high alert about messages urging them to download antivirus software or fix supposed infections.

If you ever encounter a pop-up resembling this “Security Protection Center” ruse, close it immediately. Do not enter any information or purchase anything from the page. Running a legitimate antivirus program with updated definitions will detect true malware infections without requiring intervention from dubious security warnings.

How the Scam Works

The criminals running this racket rely on a variety of devious methods to snare victims. By understanding their techniques, web users can identify and avoid this prevalent scam.

1. Spreading Through Malvertising

One of the primary methods for propagating this scam involves malvertising. This scheme embeds malicious code inside online ads which redirect victims to the fake Security Protection Center upon clicking.

The scammers purchase inexpensive ad space from networks with loose policies around ad content. When the compromised ads load on sites, the embedded scripts identify potential victims via tracking cookies, browser fingerprints, and other data points.

Once identified, the target gets redirected to the fraudulent Security Protection Center page without their consent. This creates the illusion that their own computer flagged security issues rather than the shady pop-up itself.

2. Targeting Specific Groups

The cybercriminals rely heavily on analytics to determine who gets redirected to the scam page. By profiling visitors based on digital fingerprints, they target specific demographics perceived as more likely to fall for the con.

Groups with less technical knowledge such as seniors, children, and those in developing nations often get singled out by the scammers. By preying on those less likely to scrutinize the pop-ups, the crooks boost their conversion rates.

3. Mimicking Legitimate Software

The fake Security Protection Center site utilizes official branding, logos, and messaging from actual antivirus products to appear valid. Names like MacAfee, AVG, Norton and Avast are commonly misappropriated on the scam versions.

This sophisticated mimicry makes the pop-up seem like the real deal to unsavvy users. The criminals also purchase expired web domains that previously belonged to legitimate security companies to reinforce the illusion.

4. Injecting High Severity Warnings

Once victims land on the scam page, they get bombarded with intimidating warnings about the supposed threats detected on their system. Authority-evoking language like “ 28 SEVERE infections found!” convey urgency.

Status messages highlighting critical malware, spyware, and vulnerability issues discovered on the network further unsettle victims. Citing specific technical problems like “RDP brute force attacks” and “DNS poisoning” make the warnings seem credible.

In reality, these alerts are completely fabricated by the scammers to provoke panic. But the ominous red banners and descriptions cause many people to think their computer has been compromised.

5. Pressuring Victims to Act Quickly

The fake Security Protection Center page utilizes numerous high-pressure scare tactics to rush victims into signing up. Bold statements warning that “Your network is not secure” and advising users to take action immediately instill a false sense of emergency.

Emphasizing the risks of identity theft, stolen passwords, and financial fraud preys upon people’s anxieties over data breaches. The constant barrage of warnings conditions visitors to believe immediate action is necessary, preventing level-headed analysis.

For victims questioning the validity of the threats, the site doubles down on urgency statements like:

“Leaving issues unresolved puts you at risk of data loss and cybercriminals harvesting your personal information.”

This forces victims to make a snap judgement call between protecting themselves or risking compromised finances and privacy. The high-pressure environment manipulated many into opting for the supposed “security” offered.

6. Upselling Useless Services

After hammering visitors with constant warnings, the fake Security Protection Center advertises its “antivirus” subscription as the solution. The scammers promise that for just $3.99 a month, users can download the software to combat all of the identified threats.

In reality, the software is useless or may even contain additional malware. But the misleading presentation makes victims believe they are getting a bargain on security protection by signing up.

The crooks further entice victims by suggesting the discounted monthly rate is only a temporary deal. Fake countdown timers warning the price is set to double creates a false sense of scarcity to prompt quicker signup.

7. Collecting Personal and Financial Data

To complete the signup process, users have to provide their name, address, phone number, and credit card details. The scammers claim this is standard procedure to begin downloading the antivirus software.

In actuality, the crooks can harvest submitted data to steal identities and finances. Once a victims’ info gets collected in the scam checkout forms, it can then get sold on to other fraudsters and cyber criminals.

So not only do victims not receive any valid malware protection, but they are also at heightened risk of additional frauds like credit card theft or account takeovers. Their personally identifiable information can continue to spread through black market data leaks as well.

What to do if You Have Fallen Victim

If you unfortunately got duped and shared your information with one of these fake Security Protection Center schemes, remain vigilant and take protective actions to minimize harm. Here are steps to take if you fell prey to the scam’s manipulation and misleading claims:

1. Contact Your Bank

If you entered any credit card or banking details into the scam checkout form, your first priority should be to get in touch with those financial institutions. Inform them that you may have accidentally subscribed to a fraudulent service so they can monitor closely for suspicious charges.

Depending on your level of concern, you may want to preemptively cancel your current cards and request replacements to prevent potential misuse. Enable text or email alerts on accounts whenever possible as well so you can spot any weird activity.

2. Check Credit Reports

Since cyber criminals may have gained access to your personal data, it is wise to keep close watch for any signs of identity theft. Run credit checks regularly to verify no unauthorized accounts have been opened using your identity.

Freeze credit if needed to block criminals from taking out new lines of credit under your name. Frequently review all financial statements, watch for errors, and report any unknown transactions to your bank.

3. Reset Passwords

With your personal information exposed, change passwords on any existing online accounts as a precaution. Use unique, complex passwords for every account using a password manager if helpful. Enable two-factor authentication on important logins whenever possible.

Scrutinize password reset emails closely, as scammers may try gaining access to your other accounts. Never click password reset links that seem suspicious. Instead, navigate directly to the legitimate site and request a reset through official channels only.

4. Run Legitimate Antivirus Scans

Even though the initial “security center” was fake, err on the side of caution by scanning your devices for real malware. Use a trusted antivirus solution like Malwarebytes to check for viruses or other infections.

Review installed programs as well to spot anything suspicious that may have slipped in unnoticed. Performing a cache clear and deleting temporary files after scans can also help wipe out any lingering malware cookies or scripts.

5. Avoid Scams Moving Forward

Learn how to identify trickery to avoid falling for another online scam. Be wary of pop-up messages conveying urgency or requesting sensitive information. Close browser tabs immediately if they look suspicious.

Check site URLs for misspellings, odd domain names, or absence of HTTPS security.ONLY enter payment details on encrypted sites you trust after independently looking up the company.

Use an ad blocker like AdGuard to reduce malicious content risks. Keep software patched and updated to address vulnerabilities scammers could exploit. Learning the common tricks scammers use gives you the upper hand.

Is Your Device Infected? Check for Malware

If your device is running slowly or acting suspicious, it may be infected with malware. Malwarebytes Anti-Malware Free is a great option for scanning your device and detecting potential malware or viruses. The free version can efficiently check for and remove many common infections.

Malwarebytes can run on Windows, Mac, and Android devices. Depending on which operating system is installed on the device you’re trying to run a Malwarebytes scan, please click on the tab below and follow the displayed steps.

Malwarebytes For WindowsMalwarebytes For MacMalwarebytes For Android

Scan your computer with Malwarebytes for Windows to remove malware

Malwarebytes stands out as one of the leading and widely-used anti-malware solutions for Windows, and for good reason. It effectively eradicates various types of malware that other programs often overlook, all at no cost to you. When it comes to disinfecting an infected device, Malwarebytes has consistently been a free and indispensable tool in the battle against malware. We highly recommend it for maintaining a clean and secure system.

Download Malwarebytes for Windows

You can download Malwarebytes by clicking the link below.

MALWAREBYTES FOR WINDOWS DOWNLOAD LINK
(The above link will open a new page from where you can download Malwarebytes)
Install Malwarebytes

After the download is complete, locate the MBSetup file, typically found in your Downloads folder. Double-click on the MBSetup file to begin the installation of Malwarebytes on your computer. If a User Account Control pop-up appears, click “Yes” to continue the Malwarebytes installation.
Follow the On-Screen Prompts to Install Malwarebytes

When the Malwarebytes installation begins, the setup wizard will guide you through the process.
- You’ll first be prompted to choose the type of computer you’re installing the program on—select either “Personal Computer” or “Work Computer” as appropriate, then click on Next.
- Malwarebytes will now begin the installation process on your device.
- When the Malwarebytes installation is complete, the program will automatically open to the “Welcome to Malwarebytes” screen.
- On the final screen, simply click on the Open Malwarebytes option to start the program.
Enable “Rootkit scanning”.

Malwarebytes Anti-Malware will now start, and you will see the main screen as shown below. To maximize Malwarebytes’ ability to detect malware and unwanted programs, we need to enable rootkit scanning. Click on the “Settings” gear icon located on the left of the screen to access the general settings section.

In the settings menu, enable the “Scan for rootkits” option by clicking the toggle switch until it turns blue.

Now that you have enabled rootkit scanning, click on the “Dashboard” button in the left pane to get back to the main screen.
Perform a Scan with Malwarebytes.

To start a scan, click the Scan button. Malwarebytes will automatically update its antivirus database and begin scanning your computer for malicious programs.
Wait for the Malwarebytes scan to complete.

Malwarebytes will now scan your computer for browser hijackers and other malicious programs. This process can take a few minutes, so we suggest you do something else and periodically check the status of the scan to see when it is finished.
Quarantine detected malware

Once the Malwarebytes scan is complete, it will display a list of detected malware, adware, and potentially unwanted programs. To effectively remove these threats, click the “Quarantine” button.

Malwarebytes will now delete all of the files and registry keys and add them to the program’s quarantine.
Restart your computer.

When removing files, Malwarebytes may require a reboot to fully eliminate some threats. If you see a message indicating that a reboot is needed, please allow it. Once your computer has restarted and you are logged back in, you can continue with the remaining steps.

Your computer should now be free of trojans, adware, browser hijackers, and other malware.

If your current antivirus allowed this malicious program on your computer, you may want to consider purchasing Malwarebytes Premium to protect against these types of threats in the future.
If you are still having problems with your computer after completing these instructions, then please follow one of the steps:

Run a computer scan with ESET Online Scanner
Ask for help in our Windows Malware Removal Help & Support forum.

Scan your computer with Malwarebytes for Mac to remove malware

Malwarebytes for Mac is an on-demand scanner that can destroy many types of malware that other software tends to miss without costing you absolutely anything. When it comes to cleaning up an infected device, Malwarebytes has always been free, and we recommend it as an essential tool in the fight against malware.

Download Malwarebytes for Mac.

You can download Malwarebytes for Mac by clicking the link below.

MALWAREBYTES FOR MAC DOWNLOAD LINK
(The above link will open a new page from where you can download Malwarebytes for Mac)
Double-click on the Malwarebytes setup file.

When Malwarebytes has finished downloading, double-click on the setup file to install Malwarebytes on your computer. In most cases, downloaded files are saved to the Downloads folder.
Follow the on-screen prompts to install Malwarebytes.

When the Malwarebytes installation begins, you will see the Malwarebytes for Mac Installer which will guide you through the installation process. Click “Continue“, then keep following the prompts to continue with the installation process.

When your Malwarebytes installation completes, the program opens to the Welcome to Malwarebytes screen. Click the “Get started” button.
Select “Personal Computer” or “Work Computer”.

The Malwarebytes Welcome screen will first ask you what type of computer are you installing this program, click either Personal Computer or Work Computer.
Click on “Scan”.

To scan your computer with Malwarebytes, click on the “Scan” button. Malwarebytes for Mac will automatically update the antivirus database and start scanning your computer for malware.
Wait for the Malwarebytes scan to complete.

Malwarebytes will scan your computer for adware, browser hijackers, and other malicious programs. This process can take a few minutes, so we suggest you do something else and periodically check on the status of the scan to see when it is finished.
Click on “Quarantine”.

When the scan has been completed, you will be presented with a screen showing the malware infections that Malwarebytes has detected. To remove the malware that Malwarebytes has found, click on the “Quarantine” button.
Restart computer.

Malwarebytes will now remove all the malicious files that it has found. To complete the malware removal process, Malwarebytes may ask you to restart your computer.

Your Mac should now be free of adware, browser hijackers, and other malware.

If your current antivirus allowed a malicious program on your computer, you might want to consider purchasing the full-featured version of Malwarebytes Anti-Malware to protect against these types of threats in the future.
If you are still experiencing problems while trying to remove a malicious program from your computer, please ask for help in our Mac Malware Removal Help & Support forum.

Scan your phone with Malwarebytes for Android to remove malware

Malwarebytes for Android automatically detects and removes dangerous threats like malware and ransomware so you don’t have to worry about your most-used device being compromised. Aggressive detection of adware and potentially unwanted programs keeps your Android phone or tablet running smooth.

Download Malwarebytes for Android.

You can download Malwarebytes for Android by clicking the link below.

MALWAREBYTES FOR ANDROID DOWNLOAD LINK
(The above link will open a new page from where you can download Malwarebytes for Android)
Install Malwarebytes for Android on your phone.

In the Google Play Store, tap “Install” to install Malwarebytes for Android on your device.

When the installation process has finished, tap “Open” to begin using Malwarebytes for Android. You can also open Malwarebytes by tapping on its icon in your phone menu or home screen.
Follow the on-screen prompts to complete the setup process

When Malwarebytes will open, you will see the Malwarebytes Setup Wizard which will guide you through a series of permissions and other setup options.
This is the first of two screens that explain the difference between the Premium and Free versions. Swipe this screen to continue.

Tap on “Got it” to proceed to the next step.

Malwarebytes for Android will now ask for a set of permissions that are required to scan your device and protect it from malware. Tap on “Give permission” to continue.

Tap on “Allow” to permit Malwarebytes to access the files on your phone.
Update database and run a scan with Malwarebytes for Android

You will now be prompted to update the Malwarebytes database and run a full system scan.

Click on “Update database” to update the Malwarebytes for Android definitions to the latest version, then click on “Run full scan” to perform a system scan.
Wait for the Malwarebytes scan to complete.

Malwarebytes will now start scanning your phone for adware and other malicious apps. This process can take a few minutes, so we suggest you do something else and periodically check on the status of the scan to see when it is finished.
Click on “Remove Selected”.

When the scan has been completed, you will be presented with a screen showing the malware infections that Malwarebytes for Android has detected. To remove the malicious apps that Malwarebytes has found, tap on the “Remove Selected” button.
Restart your phone.

Malwarebytes for Android will now remove all the malicious apps that it has found. To complete the malware removal process, Malwarebytes may ask you to restart your device.

Your phone should now be free of adware, browser hijackers, and other malware.

If your current antivirus allowed a malicious app on your phone, you may want to consider purchasing the full-featured version of Malwarebytes to protect against these types of threats in the future.
If you are still having problems with your phone after completing these instructions, then please follow one of the steps:

Restore your phone to factory settings by going to Settings > General management > Reset > Factory data reset.
Ask for help in our Mobile Malware Removal Help & Support forum.

Frequently Asked Questions About the Security Protection Center Scam

What is the Security Protection Center scam?

This is a deceptive pop-up scam that redirects users to a fake antivirus program. The pop-up displays warnings about malware and viruses, then prompts victims to pay for useless “antivirus” software to fix the non-existent issues.

How does the scam work?

The criminals behind it redirect visitors from malware-laced ads. The fake security page uses fear tactics about threats and a false sense of urgency to manipulate victims into entering personal information and paying for bogus services.

What are signs I may be on a scam page?

Warning signs include pop-ups with red exclamation marks, threats of malware issues, claims your computer is “not secure,” offers for anti-virus software, and requests to enter payment details. Odd URLs and pressure to “act fast” are also red flags.

What if I already provided my information?

If you entered any financial or personal information, immediately contact your bank and monitor statements closely for fraudulent charges. Also change passwords, run legit antivirus scans, and check your credit reports for any signs of identity theft.

Should I pay money to the scam page?

No, never pay the site or enter your details, even if you feel pressured. The antivirus software advertised does not work and is just a ploy to collect your money and information.

How can I avoid the scam in the future?

Close out of suspicious pop-ups immediately and do not click on anything within them. Use ad blockers, avoid clicking questionable ads, and look for “HTTPS” in the URL of sites requesting sensitive info. Use unique passwords and enable two-factor authentication on accounts.

What if my computer is infected with real malware?

Download a trustworthy antivirus program like Malwarebytes directly from the company site, not third-party ads. Run scans to locate any legitimate infections, remove any suspicious programs, and update your software. But you should not have to pay money to fix viruses.

Who do I report the scam to?

Alert the FTC about potential phishing scams, and notify the web host or domain registrar about the abusive site. Also warn your friends and community about the latest scam tactics.

Will I be in legal trouble if I paid the scammers?

No, victims of fraud are not typically culpable. Instead, report it to authorities and your bank in case the scammers try the scheme on others. Be proactive about blocking payments and securing accounts if you did fall prey to preserve finances and identity.

The Bottom Line

The prevalence of the fake Security Protection Center scam demonstrates why exercising caution online is so crucial. While the misdirection and manipulation tactics seem convincing, they exploit fears rather than reflect actual threats.

With scammers constantly evolving their techniques, web users have to stay skeptical of anything unusual. Never let unfamiliar pop-ups pressure you into hasty decisions regarding financial data or software downloads. Stop and invest time into verifying legitimacy first.

Staying informed and proactive are your best defenses against online fraud. Following smart digital hygiene habits and warning others about the latest scams helps create a safer web for everyone. With vigilance and awareness, we can try to stay one step ahead of those seeking to take advantage.

Here are 10 basic security tips to help you avoid malware and protect your device:

To avoid potential dangers on the internet, it's important to follow these 10 basic safety rules. By doing so, you can protect yourself from many of the unpleasant surprises that can arise when using the web.