Microsoft has introduced a new feature to its Edge browser designed to protect users from online scams.
Known as the scareware blocker, this tool employs machine learning and computer vision to detect and prevent deceptive full-screen alerts that mimic security warnings. The feature, now available for testing through the Edge preview program, aims to provide users with a proactive defense against one of the web’s most persistent threats.
Scareware scams are notorious for tricking users into believing their devices are compromised, often pressuring them to download malicious software or pay for fraudulent services.
Microsoft’s latest addition to Edge targets these threats by identifying tell-tale patterns in real time, ensuring that users can regain control of their devices before falling victim to such tactics.
The Growing Threat of Scareware Scams
Scareware scams have been a pervasive issue for years, evolving in sophistication to exploit fear and urgency. These scams typically present themselves as full-screen alerts that claim a device is infected with malware or at risk of data theft.
They often include alarming audio cues, such as a computer-generated voice warning users to act immediately, or visual elements that mimic legitimate security software.
According to Samuel Levine, director of the FTC’s Bureau of Consumer Protection, scareware scams use “lies about threats to consumers’ personal computers to bilk consumers, particularly older consumers, out of tens of millions of dollars”.
A 2024 report from Microsoft revealed that Edge blocked five times more scams than it did in 2021. This data underscores the scale of the problem and the increasing need for advanced protective tools.
The FBI estimates that tech support scams, including scareware, cost victims over a billion dollars annually. Older individuals are particularly vulnerable, with scammers exploiting their caution and trust in digital alerts.
How the Scareware Blocker Works
Currently, the scareware blocker is available to Windows users who have opted into the Edge preview program. To enable the feature, users must update their browser and navigate to the “Privacy, search, and services” settings.

The scareware blocker operates locally on a user’s device, utilizing a machine learning model trained on thousands of real-world scam examples. When a suspicious full-screen pop-up is detected, the tool exits full-screen mode, halts any audio playback, and provides a warning.
This allows users to close the page or continue browsing if they determine it is safe. By analyzing visual and behavioral patterns, the tool can identify scams that have not yet been reported or cataloged.

Microsoft emphasizes that the machine learning model used in the scareware blocker runs locally on users’ devices to ensure privacy while providing proactive protection. This approach contrasts with previous controversies, such as the AI powered Windows 11 Recall tool, which faced criticism for capturing screenshots of user activity to create a searchable history.
Related: Microsoft’s Windows Recall AI Feature Still Has Severe Privacy Issues
Enhancing Browser Security
The scareware blocker builds on Microsoft Defender SmartScreen, a feature that identifies known malicious websites and alerts users to potential threats. Unlike SmartScreen, which relies on a database of reported scams, the scareware blocker is designed to detect unknown threats as they emerge.
This makes it particularly effective against scams that use evasive tactics, such as frequent URL changes or advanced obfuscation techniques.
Related: How to Disable SmartScreen in Windows 11 or Windows 10
One of the blocker’s strengths is its ability to identify scareware that manipulates keyboard and mouse functionality to prevent users from exiting full-screen mode.
Such tactics are designed to heighten panic and coerce users into acting without verifying the legitimacy of the alert. By countering these techniques, the scareware blocker ensures that users can regain control of their browsing experience.
Privacy Concerns and Mitigations
The use of computer vision and AI in browser tools often raises questions about privacy. In this case, Microsoft has taken steps to ensure that no user data or images are sent to the cloud. The scareware blocker’s machine learning model operates entirely on the user’s device, providing real-time protection without storing or transmitting any information.
However, Microsoft is encouraging users in the preview program to provide feedback to improve the tool’s accuracy. This includes an option to report blocked websites or share screenshots of scams. Users can also flag false positives to help refine the model and ensure legitimate websites are not mistakenly blocked.
The feedback process not only improves the scareware blocker but also enhances the broader capabilities of Microsoft Defender SmartScreen. Insights from users contribute to a more comprehensive understanding of online threats, enabling Microsoft to develop more effective defenses against scams.