A new tech support scam associated with the website Axalisaiti(.)com has been reported to display a fake BSOD (Black Screen Of Death) screen with a fraudulent message stating there is an error on the user’s computer. The phone number 1-855-486-0354 that is associated with the scam has also been reported to randomly dial users as a part of a social engineering scam. All users who have seen this pop-up are strongly advised to scan their computer and detect where the pop-up is coming from.
|Type||Fake Tech Support|
|Short Description||The page may block users out of their web browsers displaying a fake error message.|
|Symptoms||The user may witness a fake BSOD screen with this or other phone numbers present in its message. Also has the following sound message:|
|Distribution Method||Via PUPs, Malware or by visiting a suspicious third-party site.|
|Detection Tool||Download Malware Removal Tool, to See If Your System Has Been Affected by Axalisaiti(.)com|
|User Experience||Join our forum to discuss Axalisaiti(.)com.|
Axalisaiti(.)com Fake BSOD Alert – How Did I Get It
The distribution of this website is fairly simple and is done in the following methods:
- Via a Trojan that induces advertisements and causes redirects.
- By a rootkit which connects to remote hosts to cause browser redirects.
- Via a PUP (Potentially Unwanted Program) that displays advertisements and causes redirects on your Google Chrome, Mozilla Firefox, Internet Explorer Opera, Safary or any other extension supported browsers.
Axalisaiti(.)com Fake BSOD Alert In Detail
Once this threat is on your computer, you may witness a pop-up with the following scareware message:
→ Pop-up message:
SUSPICIOUS ACTIVITY OF INTRUSIONS DETECTED, WHICH IS TRYING TO REDIRECT YOU TO A VIRUS ATTACK SITE.
THIS MAY HAPPEN DUE TO NOT HAVING OBSOLETE VIRUS PROTECTED SHIELD.
TO COMPLETE DIAGNOSE AND FIX, PLEASE CALL WINDOWS SUPPORT HELPLINE AT 1-855-486-0354 IMMEDIATELY.
KINDLY ENSURE YOU DO NOT RESTART YOUR COMPUTER TO PREVENT DATA LOSS.
HAVING SUCH KIND OF WARNINGS REPEATEDLY MAY COMPROMISE YOUR CREDIT-DEBIT CARD OR ONLIINE BANKING INFORMATIONS.
GET ALL FIXED RIGHT NOW BY CALLING CERTIFIED…”
This message aims to drive inexperienced users to call the “customer support” number which may actually be the scammers’ number. From there users may be prompted to:
- Provide personal information.
- Provide access of your PC to the scammers.
- Provide financial information.
When the host Axalisaiti(.)com was thoroughly checked, the following information surfaced:
→ IP Address-18.104.22.168
Users on security forums report that the previous location associated with the website was Panama, which points out to the usage of either a VPN or a Proxy service that conceals the actual location and address of the server.
Experts strongly believe that this website is most likely a part of a network which aims to spread massively and scam users out of their money and information. One of the scamming methods which may be used is an unusually high phone call rates to drain users by the minute.
Not only this but this number is also reported to be associated with other scams as well. Attacked users have reported that they have received calls from this number directly without even knowing it is associated with this Fake BSOD Alert.
Remove Axalisaiti(.)com Fake BSOD Alert Completely
In order to remove this fake alert, you should make sure to close your web browser first as a process from Windows Task Manager. Since different software may induce this hijacker onto your computer, we strongly advise you to follow the step-by-step manual below and download an advanced malware scanner. It will detect if there is any type of software or malware on your computer which may be causing the pop-ups to appear.