'System Activation Key Has Expired' Pop-Ups
The 'System Activation Key Has Expired' pop-ups is a technical support tactic that attempts to trick the affected user into giving personal information to the people behind it. The pop-up may appear while the user is browsing the Internet and it will claim that the targeted computer has been locked by a virus.
The text of the message is designed to scare the victim with bogus claims that, due to an expired system activation key, the user's private information such as account and bank credentials have been misappropriated. The victim is encouraged to call a technical support number for assistance. Some of the phone numbers used by these people are 888-648-1549, 877- 670-2749, and 800-090-3289. Do not call the provided numbers! Not only the warnings in the pop-up are fake but calling the number will connect the computer users with the con artists who will try to extract personal information, ask the computer users to allow remote access to the computer, or push the victim to purchase a bogus anti-malware program.
The 'System Activation Key Has Expired' pop-ups is produced by hxxp://security43[.]xyz.
The 'System Activation Key Has Expired' pop-ups loads a fake alarm from hxxp://security83[.]xyz/main/warning.mp3. There are several clones of this technical support tactic at hxxp://security9s[.]tk/chrm/index2.html, hxxp://security10s[.]tk/main/index2.html, hxxp://security1s[.]tk/chrm/index2.html and others.
The text displayed by the 'System Activation Key Has Expired' pop-ups is :
'Your computer has been Locked
Your computer with the IP address [your real IP address] has been infected by the Virus
RDN/YahLover.worm!055BCCAC9FEC -- Because System Activation KEY has expired & Your information
(for example, passwords, messages and credit cards) have been stolen. Call the Technical Support number
+1-888-648-1549 to protect your files and identity from further damage.'
It is recommended to remove the 'System Activation Key Has Expired' pop-ups from an affected computer immediately by using a legitimate anti-malware program.