In the ever-evolving world of cybersecurity, deceptive tactics are becoming more sophisticated. One such deceptive tactic is the « Abnormal Network Traffic On This Device » alert. C'est un Phishing Scam, and you should not trust it.
The « Abnormal Network Traffic On This Device » Scam: An Introduction
Researchers have stumbled upon a malicious setup promoting the « Abnormal Network Traffic On This Device » scam during their usual surveillance of suspicious websites. It’s essential to note that the setup also recommended a browser hijacker called CovidDash, along with a flurry of other dubious applications.
The scam unfolds when the malicious file is run, presenting a pop-up window designed to look like an alert from Microsoft. The phony warning claims that the user’s device has been disconnected from the network due to suspicious network traffic. The scam’s primary goal is to coax victims into visiting a phishing website.
Detailed Breakdown of the Scam
The scam begins when a malicious setup is run on the test system, resulting in a scam pop-up window. The message is disguised as a warning from Microsoft, claiming that suspicious network traffic has been detected on the user’s device. As a safety measure, the device has supposedly been disconnected from the network.
de façon intéressante, the installer responsible for delivering this pop-up does disconnect the computer from the Internet – an unusual move as most scam messages are false. It’s likely that this is a strategy by the cybercriminals to prevent users from accessing the web and downloading antivirus software that could remove the scam.
The message then instructs the user to scan a provided QR code for identity verification and network restoration. When the QR code is scanned, it redirects the user to a rogue website.
The disconnection of the Internet on the infected machine shouldn’t result in significant losses for the cybercriminals since most users scan QR codes using mobile devices.
The Next Step of the Scam
Once the rogue website is accessed, it presents a form disguised as Microsoft, asking users to provide their personally identifiable and credit card information. This includes fields for the cardholder’s name, credit card number, expiry date, CVV, adresses, et numéro de téléphone.
Providing the requested information to the phishing website would inadvertently disclose it to the scammers. This data could then be exploited to steal the victims’ identities and make fraudulent transactions and online purchases.
If you have already given your private data to this scam, contacting the appropriate authorities immediately is crucial.
It’s worth mentioning that the fake pop-up could be used to promote a different malicious site. Always remember that all claims made by the « Abnormal Network Traffic On This Device » scam are fake, and they’re in no way associated with the real Microsoft Corporation.
In a nutshell, falling for a scam like this can lead to system infections, graves problèmes de confidentialité, pertes financières, et usurpation d'identité.
Résumé des menaces
Prénom | « Abnormal Network Traffic On This Device » pop-up |
---|---|
Type de menace | Hameçonnage, Arnaque, Ingénierie sociale, Fraude |
Fausse réclamation | Abnormal activity was detected on user’s device network – hence, it was disconnected. |
Déguisement | Microsoft |
Rogue process name | Windows host process (Rundll32) [process name may vary] |
Related Domains | 0zpt4.za[.]avec, pcrrent[.]avec |
Adresse IP de service (0zpt4.za[.]avec) | 172.67.159.146 |
Symptômes | Fake error messages, fake system warnings, pop-up errors. |
Dommage | Perte d'informations privées sensibles, perte monétaire, vol d'identité, possible malware infections. |
Suppression des logiciels malveillants (Windows)
Pour éliminer les éventuelles infections par des logiciels malveillants, analysez votre ordinateur avec un logiciel antivirus légitime. Our security researchers recommend using SpuHunter.
Outil antispam recommandé:
The product is full-featured, and you have to purchase a license for SpyHunter. There is a 7-days free trial available.
Similar Scam Examples
We have analyzed thousands of scams; « To Complete The Update, Install The Critical Security Update », « McAfee – A Virus Has Been Found On Your PC! », « Critical Threat Detected: Adware App », « Ads.financetrack(1).exe », and « Avira Security pop-up scam » are just a few examples of ones using claims about fake issues detected on users’ dispositifs.
The Internet is full of deceptive and malicious content. Various false claims are used to gain and subsequently abuse users’ confiance. Common scam models include device infections, system threats, fausses mises à jour, hoax lotteries/giveaways, and so forth.
Regardless of what a scam warns about or promises – its ultimate goal is to generate revenue at victims’ expense.
How Did I Encounter the Scam?
At the time of research, the « Abnormal Network Traffic On This Device » scam was promoted through a malicious installer. After it was launched, a deceptive pop-up window was displayed. The scam then progressed by instructing the user to scan the provided QR code, which redirected to a phishing site.
Cependant, scam websites are endorsed using various techniques. These pages can be accessed via redirects caused by sites that use rogue advertising networks, either upon initial access or when hosted content is clicked (par exemple,, boutons, liens, text input fields, les publicités, etc.).
Spam browser notifications and intrusive advertisements also promote online scams. En outre, mistyping a website’s URL can result in a redirect (or a redirection chain leading) to a deceptive page. Adware also promotes scams by displaying misleading ads or force-opening sites that run this content.
How to Avoid Online Scams?
We strongly recommend downloading only from official and verified channels. En plus, approach installation processes with caution, par exemple,, by reading terms, exploring potential options, using the « Custom/Advanced » settings, and opting out of all supplements (applications, extensions, outils, etc.) to avoid allowing bundled/harmful content into the system.
Another recommendation is to be vigilant when browsing since fake and malicious online content usually appears legitimate and harmless. Par exemple, intrusive ads may look ordinary yet redirect to unreliable/suspicious websites (par exemple,, scam-promoting, jeu d'argent, pornography, adult dating, etc.).
We advise against using sites that offer pirated software/media or other questionable services (par exemple,, Torrenting, illegal streaming/downloading, etc.) since they typically employ rogue advertising networks.
Pay attention to URLs and enter them with care. To avoid receiving unwanted/deceptive browser notifications, do not permit dubious webpages to deliver them (i.e., do not click « Allow », « Autoriser les notifications », etc.). Plutôt, ignore or deny notification requests from such pages (i.e., select « Block », « Block Notifications », etc.).
Si votre ordinateur est déjà infecté, nous vous recommandons d'effectuer une analyse avec SpyHunter pour Windows to automatically eliminate all threats.
Text presented in the Scam Pop-up
Microsoft
We have detected abnormal network traffic on this device. To protect your safety, we have disconnected the network of this device, to restore the network of this device, please scan the QR code below to verify your identity and enter the confirmation code to confirm your identity and restore the network.
Appearance of the Scam
This is a screenshot of the « Appearance of Abnormal Network Traffic On This Device » pop-up scam’s process [Windows host process (Rundll32)] in Windows Task Manager:
This is a screenshot of a deceptive website promoting the malicious installer:
To restore the Internet connection, users have to perform the following steps:
- Allez à Paramètres
- Cliquez « Network & Internet »
- Choisissez « Advanced network settings »
- Disable and re-enable the Ethernet device
Instant automatic malware removal: Manual threat removal might be a lengthy and complicated process that requires advanced IT skills. est SpyHunter is a professional automatic malware removal tool that is recommended to get rid of malware. Download it by clicking the button below:
By downloading any software listed on this website, you agree to our Privacy Policy and Terms of Use. To use the full-featured product, you have to purchase a license for SpyHunter. A 7-days free trial is available.
Quick Menu
- What is the « Abnormal Network Traffic On This Device » pop-up?
- How to identify a pop-up scam?
- How do pop-up scams work?
- How to remove fake pop-ups?
- How to prevent fake pop-ups?
- What to do if you fell for a pop-up scam?
Identifying a Pop-up Scam
Pop-up windows with various fake messages are a typical lure that cybercriminals use. They’re designed to collect sensitive personal data, trick Internet users into calling fake tech support numbers, subscribe to useless online services, invest in shady cryptocurrency schemes, et cetera.
Although cybercriminals strive to make these rogue pop-up windows appear trustworthy, scams typically have the following characteristics:
- Fautes d'orthographe et images non professionnelles – Closely inspect the information displayed in a pop-up. Spelling mistakes and unprofessional images could be a sign of a scam.
- Sentiment d'urgence – A countdown timer with a couple of minutes on it, asking you to enter your personal information or subscribe to some online service.
- Claims that you won something – If you haven’t participated in a lottery, online competition, etc., and you see a pop-up window stating that you’ve won something.
- Analyse d'un ordinateur ou d'un appareil mobile – A pop-up window that scans your device and informs you of detected issues is undoubtedly a scam; webpages cannot perform such actions.
- Exclusivité – Pop-up windows stating that only you are given secret access to a financial scheme that can quickly make you rich.
Understanding How Pop-up Scams Work
Cybercriminals and deceptive marketers usually use various advertising networks, techniques d'empoisonnement des moteurs de recherche, and shady websites to generate traffic to their pop-ups. Users land on their online lures after clicking on fake download buttons, using a torrent website, or simply clicking on an Internet search engine result.
Based on the user’s location and device information, they’re presented with a scam pop-up. The lures presented in such pop-ups range from get-rich-quick schemes to fake virus scans.
Removing Fake Pop-ups
Dans la plupart des cas, pop-up scams don’t infect users’ appareils avec des logiciels malveillants. Si vous rencontrez une fenêtre contextuelle d'arnaque, il suffit de le fermer. Dans certains cas, scam pop-ups may be hard to close; dans ces cas, close your Internet browser and restart it.
In extremely rare cases, you might need to reset your Internet browser. Pour ça, use our instructions explaining how to reset Internet browser settings.
Preventing Fake Pop-ups
To prevent seeing pop-up scams, you should only visit reputable websites. Torrent, Crack, free online movie streaming, YouTube video download, and other similar reputation websites commonly redirect Internet users to pop-up scams.
To minimize the risk of encountering pop-up scams, keep your Internet browsers up-to-date and use a reputable anti-malware application. Dans ce but, nous recommandons SpyHunter Antivirus for Windows.
What to Do If You Fell for a Pop-up Scam
The appropriate action depends on the type of scam that you fell for. Le plus souvent, pop-up scams trick users into sending money, providing personal information, or giving access to their device.
- Si vous avez envoyé de l'argent à des fraudeurs: Contact your financial institution and explain that you were scammed. Si informé rapidement, there’s a chance to get your money back.
- If you gave away your personal information: Change your passwords and enable two-factor authentication in all online services that you use. Visit the Federal Trade Commission to report identity theft and get personalized recovery steps.
- Si vous laissez les fraudeurs se connecter à votre appareil: Scan your computer with a reputable anti-malware (nous recommandons SpyHunter pour Windows) – cyber criminals could have planted trojans, keyloggers, and other malware, don’t use your computer until removing possible threats.
- Help other Internet users: Report Internet scams to the Federal Trade Commission.
Questions fréquemment posées (FAQ)
Qu'est-ce qu'une arnaque pop-up?
Fondamentalement, pop-up scams are deceptive messages intended to trick users into performing specific actions. Par exemple, victims can be enticed/scared into providing private data, effectuer des transactions monétaires, calling fake support lines, allowing cyber criminals to remotely access devices, downloading/installing software, purchasing products, subscribing to services, etc.
Quel est le but d'une arnaque pop-up?
Pop-up scams are designed to generate revenue for cyber criminals. Scammers primarily profit by obtaining funds through deception, abusing or selling sensitive information, promoting content, and proliferating malware.
I have provided my personal information when tricked by a scam, Que dois-je faire?
If you have disclosed your personal-identifiable or finance-related information (par exemple,, ID card details, scans/photos de passeport, numéros de carte de crédit, etc.) – immediately contact the corresponding authorities. And if you’ve provided your account credentials – change the password of all potentially exposed accounts and inform their official support without delay.
Pourquoi est-ce que je rencontre de fausses pop-ups?
The « Abnormal Network Traffic On This Device » scam has been observed being promoted through a malicious setup. Cependant, scams are endorsed using various techniques. Deceptive websites are most commonly accessed via redirects caused by pages that use rogue advertising networks, misspelled URLs, notifications du navigateur anti-spam, intrusive ads, ou un logiciel publicitaire installé.
Will SpuHunter protect me from pop-up scams?
SpuHunter is designed to detect and eliminate threats. It can scan devices and remove unwanted/malicious content (i.e., adware, pirates de l'air de navigateur, des logiciels malveillants, etc.). En outre, SpuHunter is capable of scanning visited websites and issuing alerts if they are found to be suspicious/malicious. Par conséquent, should you enter such a page – you will be warned immediately, and further access to it will be blocked.
Conclusion
En conclusion, it’s crucial to stay vigilant while browsing the internet. The « Abnormal Network Traffic On This Device » scam is a perfect example of how cybercriminals can trick even the most vigilant users. Always remember to verify the source of any pop-up or alert, and never give out your personal information without making sure of the legitimacy of the request. Be safe!