Microsoft is stepping up its efforts to protect Windows users from programs that use fear to convince people to buy or upgrade products.
The Redmond company is taking aim at all software that use scary messaging to convince people to upgrade to a paid product that purportedly fixes a problem detected by a free version. Specifically it is targeting registry cleaners and optimizers, which Microsoft previously didn't endorse but also didn't blacklist them as unwanted programs or malware. That's changing on March 1.
“We find this practice problematic because it can pressure customers into making unnecessary purchase decisions,” said Barak Shein, a member of the Windows Defender security research team.
From March 1 Microsoft’s Windows Defender and other security products will “classify programs that display coercive messages as unwanted software, which will be detected and removed”, Shein said.
Microsoft has updated its evaluation criteria for unwanted behaviors to reflect the change, adding a "coercive messaging" section that takes aim at messaging and misleading content that pressures users into “paying for additional services or performing superfluous actions”.
This includes exaggerated and alarming error messages about the system that can only be fixed by paying or by the user filling out surveys, subscribing to newsletters or downloading files.
Programs are also not allowed to suggest that the only way to remediate a problem is to follow its recommendations, nor are they allowed to require the user act within a limited time period. In other words, all pressure sales tactics are off the cards.
Though the new criteria isn’t specifically aimed at tech support scams, it should provide a technical obstacle to the tactics they use to scare victims into paying for unnecessary fixes, which include using registry cleaners, fake antivirus and fake Microsoft security alerts.
The FTC in October secured a $2m settlement with a pair behind Troth Solutions and permanently banned from selling any tech support service, including “any plan, program, or software, marketed to repair, maintain, or improve a computer’s performance or security, including registry cleaners, anti-virus programs, anti-malware programs, fire wall programs, and computer or software diagnostic services.”
Microsoft’s evaluation criteria for unwanted software already covered many other bad behaviors, including apps that tamper with browsers settings, impair computer performance, and programs that don't provide a clear way to install, uninstall, and disable it. It's also developed AI systems to detect online tech support scams that employ bogus pop-ups.
"We adjust, expand, and update our evaluation criteria based on customer feedback and in order to capture the latest developments in unwanted software and other threats.," said Shein of the new criteria.
Developers of programs that may be impacted by Microsoft’s new unwanted behaviors can head to the Windows Defender Security Intelligence portal to validate the detection of their programs.