What is Your device has been compromised?
Your device has been compromised pop-ups are a phishing scam that uses social engineering methods to trick people into approving notifications. Notifications (also known as push notifications, browser notifications, web notifications) are originally developed to alert users of newly published news. Scammers abuse ‘browser notification feature’ to avoid anti-virus and adblocker software by displaying unwanted ads.
It is important to emphasize that there are no sites capable of detecting that a device has been compromised, therefore sites making such claims are always scams. Such scams are usually used to promote malware or force users to allow notifications. Usually, users end up on “Your device has been compromised” and similar scams by going to a misspelled URL or, clicking on a fake link. In addition, they can be redirected to this scam by malicious advertisements (malvertising) and Adware.
- What is Your device has been compromised?
- Threat Summary
- How to remove Your device has been compromised pop ups
When users land on one of the sites running the “Your device has been compromised” scam, they are presented with an alert disguised as a Google security warning. This fake alert indicates that the user’s device has been compromised and requires the user to click OK immediately to take the necessary action. Background text informs that the device is 62 percent damaged by a Tor.Jack Malware. This fake warning says to immediately remove the malware and stop its spread, or else sensitive data, including social media accounts, messages, images, passwords, will be leaked.
This scam instructs victims to click the “Allow error alerts” (Clean my Device) button and subscribe to recommended spam protection app on the next page. Of course, everything that is said in this message is a fake, no part of it can be trusted. Users should ignore these fake alerts, in any case not click the “Allow” button, as this will subscribe them to notifications used by scammers to display intrusive ads.
Text presented in the “Your device has been compromised” scam:
YOUR DEVICE HAS BEEN COMPROMISED!
Immediate Action is Required!
WARNING! Your is severely damaged by 13 Malware!
We have detected that your is (62%) DAMAGED by Tor.Jack Malware. Malicious and Aggressive Ads have injected this on your device.
Immediate Action is required to Remove and Prevent it from spreading that will leak sensitive data from your device. It includes your Social Media Accounts, Messages, Images, Passwords, and Important Data.
Here is how you can solve this easily in just a few seconds.
Step 1: Click the button below, “Allow error alerts,” then subscribe to recommended spam protection app on the next page.
Step 2: Run the powerful Google Play-approved application to clear your phone from SPAM ads and block potential Malware with a few taps.
Clean my Device
Detected By: Google
Often scammers try not only to force users to allow notification, but also to collect as much information as possible about their victims. The collected information can be used to make fraudulent purchases and unauthorized transfers, sold to criminals on the dark web, or other malicious purposes. Moreover, the criminals behind the Your device has been compromised scam can use stolen email addresses to send spam and malspam (spam emails containing malware or links to malware).
The “Your device has been compromised” scam and similar scams are often used to promote software that can forcibly redirect users to deceptive sites, promise fake features that they really do not have (for example, remove viruses, block ads), display unwanted ads, change browser settings to promote fake search engines, collect user personal data (including logins and passwords, browser history) and so on.
To summarize, trusting the Your device has been compromised scam can lead to malware infection, financial losses, theft of personal data and other serious problems.
|Name||Your device has been compromised|
|Type||scam, phishing, fake alerts|
|Fake claims||“YOUR DEVICE HAS BEEN COMPROMISED”, “WARNING! Your is severely damaged by 13 Malware”, “We have detected that your is (62%) DAMAGED by Tor.Jack Malware”|
|Related web-domains||browsers-protected.com, phones-protection.com, gadgetsecured.com, protectthisdevice.com, errorsnomore.com|
|Removal||Your device has been compromised removal guide|
The “Your device has been compromised” scam isn’t the only one on the Internet that aims to force users to allow notification or install malicious software. We have already reported on such scams many times: Your device might have security issues, Cleaner Update for Android is Recommended, Trojan Spyware Alert. Scammers very often use schemes based on: fake alerts, fake prizes and online surveys. Due to the large number of scam sites, you need to be careful when clicking on links and close suspicious sites as soon as they appear on the screen.
If your browser redirects to the Your device has been compromised scam regularly, then it is possible that Adware or PUAs are installed on your device. Adware is type of malware that can cause problems for your Android device. It can generate numerous additional popup, banner, pop-under and in-text link advertisements flooding on your web-browser; gather your personal data such as login details, online searches, etc; run in the background and drag down your Android OS running speed; give more chances for other adware, PUAs even malware to get on your device.
Usually, adware gets into computers and smartphones as part of a bundle with free software, sharing files and other unsafe apps that users downloaded from the Web. The adware developers pays freeware creators for distributing adware within their apps. Therefore, always download free applications and paid applications from reputable download web sites. Use ONLY custom or manual setup method and never blindly click Next button.
How to Remove Your device has been compromised pop-ups (removal tutorial)
In the steps below, we’ll provide general help to get rid of Your device has been compromised pop-up scam. You may find some minor differences in your Android device. No matter, you should be okay if you follow the steps outlined below: remove all suspicious and unknown apps, reset web browsers settings, run free malicious software removal utilities. Certain of the steps below will require you to close this webpage. So, please read the step-by-step instructions carefully, after that bookmark it or open it on your smartphone for later reference.
To remove Your device has been compromised pop-ups, please follow the steps below:
- Uninstall unknown and suspicious apps
- Remove push notifications
- Remove Your device has been compromised pop-ups using Malwarebytes
- Reset Android browser
- Reset Android phone (Factory Reset)
Remove unknown and suspicious apps
The best way to start removing Your device has been compromised pop-ups is to uninstall all unknown and suspicious apps. Using the standard features of Android, you can do it easily and quickly. This step, despite its simplicity, should not be missed, as removing unnecessary and suspicious apps, you can clean your phone of unwanted advertisements, browser redirects, malware, adware and viruses.
First of all, make sure that the Android phone does not have any apps running. To do this, open the list of running applications and remove all apps from it. Another option, just restart the phone, after which do not start anything.
Now you can start removing unnecessary apps. Open Android Phone settings, select APPS here. You will be shown a list of installed applications, similar to the one shown in the following example.
Several times, very carefully review this list, most likely one of the apps listed here is a virus, adware or malware that shows ads or installs unwanted games on your phone. To remove a suspicious app from Android Phone, just click on its name and select UNINSTALL in the window that appears, as shown in the figure below.
If you can not figure out what to delete and what to leave, use the following criteria for determining adware, malware and viruses. The app is suspicious if: it consumes a lot of memory (for example, it’s called a calculator, and consumes hundreds of megabytes of memory), the app name is completely unfamiliar to you (check the app name through Google search), the app requires strange permissions (for example, a calculator requires permission to send sms and access to the address book). At this stage, you need to be even a bit suspicious than usual.
Remove push notifications
If you want to remove notifications (unwanted ads) from the notification area of your Android phone, you need to change some settings, which determines which websites can send you browser notifications. These notifications are often used to send various unwanted ads to Android device.
- Tap ‘Settings’.
- Tap ‘Notifications’.
- Find and tap the internet browser (Chrome) that shows spam notifications.
- Find unknown and suspicious websites, other rogue notifications and set the toggle button to ‘OFF’ on them one-by-one.
Remove Your device has been compromised pop-ups using Malwarebytes
Malwarebytes Mobile Security (Malwarebytes for Android) is a free app for phones running Android operating system. It can easily find and quickly remove viruses, potentially unwanted programs (PUPs), adware, trojans and other malicious software.
Download Malwarebytes, using the following link, and install it on your phone. After the application is installed, start it. You will see a window similar to the one shown in the example below.
Read the information about the Malwarebytes for Android, and then click “Got it” button.
You will see the main window, as shown in the figure below. Click “Fix now” button.
Malwarebytes will attempt to automatically update the virus database, and then immediately start the full scan procedure. In the process of scanning, Malwarebytes for Android will check your phone for the presence of Trojans, viruses and other malicious programs.
When the scan is completed, Malwarebytes will report the detected viruses and in case of detection of malicious programs, offer to remove them. Just follow the prompts.
To use Malwarebytes for Android, you do not need to buy a premium (paid) version of the app. The first 30 days you can use all the features of this antivirus completely for free, and after 30 days, the device’s auto-protection will be turned off, but you can continue to use Malwarebytes for Android to check your phone for malware and remove it in case of detection.
Reset Android browser
Adware and other malware can change the Android settings. But most often malicious software makes changes to the browser settings, modifying the home page or search engine. Therefore it is very important, after scanning the Android device with antivirus software, also check the browser settings and restore its normal values.
Start the browser. Click on the icon in the form of three points, which is located in the right corner of your phone. In the menu that opens, select Settings.
You will see a list of browser settings. Find the “Search Engine” option and click on it. In the window that opens, select Google.
Go back to the list of browser settings. Now click “Home page”. Check that the switch is in the ON position. If necessary, move it to this position. Then click on the line below, which says “Open this page”. In the window that opens, enter the address of your home page or the line “about:blank” (without quotes). In this case, the blank page will be used as the homepage.
In addition to the above, it is also recommended to clear data that was saved by the browser while the phone was infected. To do this, in the list of settings, find the Privacy item and click it. Scroll the page to the bottom until you find “Clear browsing data”, press it. You will see the window as shown in the figure below.
In the “Time range”, select the time period that covers the period when your Android phone was infected with malware, then click “CLEAR DATA” button. During this procedure, your Google account will not be deleted, passwords, bookmarks and other personal information will be saved.
Reset Android phone (Factory Data Reset)
If nothing of the above is helpful and you failed to get rid of Your device has been compromised pop-ups manually or using antivirus software, then most likely the malware can only be removed by resetting the phone.
In order to reset Android phone, and thus remove scam pop-ups, do the following. Open Phone Settings, scroll down to General management. Click it. You will see a window similar to the one shown in the pictures below.
Find the “Reset” option and click on it. You will see a list of possible ways to reset the phone settings, select the “Factory Data Reset” option.
Click “Factory Data Reset” button. ATTENTION! All your personal data from the phone’s internal memory will be deleted, all phone settings will be restored to their original state. The internal memory of the phone will be TOTALLY cleared.
To sum up
After completing the few simple steps outlined above, your Android phone should be free from adware and other malware. Your web-browser will no longer display the Your device has been compromised pop-ups. Unfortunately, if the step-by-step guide does not help you, then you have caught a new malicious software, and then the best way – ask for help here.