Fake AV scammers impersonate Microsoft
Posted on 02.05.2013
Cyber scammers continue to impersonate Microsoft and try to trick users into believing that their computer is serious need of an AV solution.

Webroot researchers have spotted an active campaign that involves an ever-rotating slew of websites sporting a warning mimicking a Microsoft Security Essentials alert:


"There are a number of ways to figure out that this is a false alert," the researchers point out. "The first is that itís a website message and not a program; the second is that location of the web site will be a random string of letters."

Still, there are users who will fall for it and press the "Clean computer" button, and end up downloading an executable that currently drops a fake malware removal tool ("XP Security Cleaner Pro") on the victim's computer and several more malicious files

The fake AV then flags innocuous software as malware and asks user to pay for its removal.

The researchers believe that potential victims are redirected to the fake web pages via malicious ad links. The pages stay active for 24-48hrs before being pulled down, and currently lead to fake AV, but the payload can be changed by the crooks at will and at any moment.

If you're faced with one of these pages, closing it without clicking on it will allow you to avoid being infected. If you have downloaded the malware, you will have to use a legitimate tool to remove it from your system (more experienced users can do it manually).





Spotlight

eBook: Cybersecurity for Dummies

Posted on 16 December 2014.  |  APTs have changed the world of enterprise security and how networks and organizations are attacked. These threats, and the cybercriminals behind them, are experts at remaining hidden from traditional security while exhibiting an intelligence, resiliency, and patience that has never been seen before.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Thu, Dec 18th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //