Home Malware Programs Trojans 'MSSecTeam' Tech Support Scam

'MSSecTeam' Tech Support Scam

Posted: February 13, 2017

The 'MSSecTeam' tech support scam is a hoax that tries to lock the users' computers until they pay a Bitcoin ransom. Its attacks can include blocking the desktop or closing other programs automatically. Follow the recommendations in this article to re-secure your PC by disabling the screen-locker, which will let you remove the 'MSSecTeam' tech support scam with the anti-malware solution of your choice.

Rendering Payment to the Wrong Microsoft

The people who exercise control over Trojan campaigns know just as well as marketers that a brand's name has a degree of power, and using the right one can equate to increased revenue. The 'MSSecTeam' tech support scam is one of the newest threats malware experts caught using the name of Microsoft for ill-minded purposes, using a technique very similar to the 2016's 'Validate Copy Of Your Microsoft Windows' Tech Support Scam. This pop-up based attack is deliverable by a Trojan after it installs itself on your PC or a compromised website loaded by your Web browser theoretically.

The 'MSSecTeam' tech support scam launches through an HTML Application file that creates an interactive pop-up. Although malware analysts see at least three, minor variants of this message, all versions make the claim of being system-locking penalties from Microsoft resulting from the user's illegal behavior, such as torrenting, sending spam, or using an illegal version of Windows. The message demands a Bitcoin fee paid to unlock your PC after you contact an e-mail address through the Tor Browser (a Web browser favored by con artists for its anonymity features).

While the 'MSSecTeam' tech support scam also claims to lock your files by encrypting them, the encryption algorithm it identifies, ZhuangZi, is fake. Malware experts can find no firm evidence of this attack being a part of the payload of any Trojan associated with the 'MSSecTeam' tech support scam's pop-ups.

Playing Your Personal Security Team to a Fake One

Although the 'MSSecTeam' tech support scam uses the name of Microsoft out of an attempt to look legitimate, the majority of the information within its pop-up provides clear clues as to its nature as a hoax. Being able to recognize a bare minimum of basic encryption standards and a typical Windows behavior can help PC users identify attacks like the 'MSSecTeam' tech support scam and avoid paying the fraudulent ransom. Since the 'MSSecTeam' tech support scam doesn't appear to be causing any permanent file damage, malware experts see no reason to pay any Bitcoin fee and recommend alternate solutions.

Most the 'MSSecTeam' tech support scam pop-ups will block your desktop, and some variants also may terminate programs like the Task Manager. Using the 'Safe Mode' system startup feature while rebooting can help avoid re-launching this attack regardless of whether it launches from your Web browser or a Trojan. Use your anti-malware software to determine which version of the 'MSSecTeam' tech support scam is on your PC and, if appropriate, clean temporary Web-browsing files like cooking that could unintentionally reload the attack.

The 'MSSecTeam' tech support scam's profit model is heavily dependent on PC users who bear guilty consciences from law-breaking online histories, as well as a general ignorance of appropriate legal actions from their operating system's developer. Until the public educates itself on these facts, attacks like the 'MSSecTeam' tech support scam will continue locking desktops and reaping the rewards of doing so.