The Rise of Fake BSODs

There has recently been an increasing number of occurrences of fake BSODs, all of which appear to be malware related. The BSODs are usually poorly designed and easy to spot if you have any experience with Windows or debugging BSODs.

However, the issue becomes rather alarming since many users will not understand the difference between a true BSOD and a fake BSOD, which can lead to several problems for the user.

Furthermore, it has also been found that these fake BSODs do not create any form of dump file in the following two locations:

C:\Windows\MEMORY.DMP

For Minidumps, the directory path is:

C:\Windows\Minidump
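The absence of a dump file can be checked directly after a suspicious blue screen. The following Python script is an added example, not code from the original post: it looks in the two locations above for files written around the time the screen appeared and confirms they start with the kernel dump signature (`PAGEDUMP` or `PAGEDU64`). The function names, the `windows_dir` parameter and the ten-minute slack window are assumptions made for this example.

```python
import time
from pathlib import Path

# First 8 bytes of a Windows kernel dump header (32-bit / 64-bit).
DUMP_SIGNATURES = (b"PAGEDUMP", b"PAGEDU64")


def candidate_dumps(windows_dir):
    """List files in the two dump locations named in the post."""
    root = Path(windows_dir)
    paths = [root / "MEMORY.DMP"]
    minidump_dir = root / "Minidump"
    if minidump_dir.is_dir():
        paths += sorted(p for p in minidump_dir.iterdir()
                        if p.suffix.lower() == ".dmp")
    return [p for p in paths if p.is_file()]


def is_kernel_dump(path):
    """True if the file begins with a kernel dump signature."""
    try:
        with open(path, "rb") as fh:
            return fh.read(8) in DUMP_SIGNATURES
    except OSError:  # unreadable file: treat as not a dump
        return False


def find_recent_dumps(windows_dir, since_epoch):
    """Valid dump files last written at or after since_epoch."""
    return [p for p in candidate_dumps(windows_dir)
            if p.stat().st_mtime >= since_epoch and is_kernel_dump(p)]


def assess_blue_screen(windows_dir, seen_epoch, slack_seconds=600):
    """Classify a blue screen seen at seen_epoch by its dump evidence."""
    dumps = find_recent_dumps(windows_dir, seen_epoch - slack_seconds)
    return ("dump-present", dumps) if dumps else ("no-dump", [])


if __name__ == "__main__":
    # Assumes the blue screen appeared within the last hour.
    status, dumps = assess_blue_screen(r"C:\Windows", time.time() - 3600)
    print(status, [str(p) for p in dumps])
```

A `no-dump` result supports the fake-BSOD explanation but does not prove it, because dump writing can be disabled in the system's startup and recovery settings.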

It is important for users to understand that a true BSOD will never ask you to contact a Microsoft technician or provide any guidance on how to contact that technician. The latest BSOD screen designed by Microsoft can be found below:

[Image: bsod]

Fortunately, most of these BSODs do not actually perform any malicious actions on the system, but are mostly intended as poor phishing attempts to scare users into contacting a certain telephone number.

The main purpose of this post was simply to increase the awareness of these fake BSODs, and thus to conclude, please find a list of some examples of these scams:

Malwarebytes have provided a blog post which explains the internals of one of the fake BSODs – TechSupportScams And The Blue Screen of Death

 

 


About 0x14c

I'm a Computer Science student and writer. My primary interests are Graph Theory, Number Theory, Programming Language Theory, Logic and Windows Debugging.