1.11M Members

WARNING: Major fake anti-virus software attack

 
1
 

Just as your average Joe starts to 'get' the importance of online security, and that means using anti-virus software, so the bad guys start exploiting this new found understanding by flooding the Internet with fake AV products.

antivirusfake.jpg Security researchers at SophosLabs have today identified a major new fake anti-virus software campaign which is threatening to flood the Internet with malicious security products.

The widespread spam campaign is designed purely with one goal: to get the unwary recipient to open HTML files attached to the messages which then redirect web browsers to hacked sites that come complete with a malicious iFrame to launch the fake anti-virus attack. Of course, fake anti-virus is nothing new but the scale of this latest attack is causing concern.

These attacks take the usual form of pop-ups warning that your computer is infected and offering to remove the threats for a software registration fee. "A scam like this can be extremely successful at passing revenue directly and quickly into the hands of hackers - so we all have to be on our guard," said Graham Cluley, senior technology consultant at Sophos. "The attacks are designed to trick people into paying to remove threats from their computer that never really existed in the first place. Once a user's computer is infected with fake anti-virus, the software will continue to bombard the user with bogus warning messages to encourage them to pay for threats to be removed or install more malicious code onto their PC. If computer users are concerned about the security of their machine, they should go directly to a legitimate IT security site, rather than put their trust in a criminal hacking gang."

So far the emails that SophosLabs have intercepted include subject matters as diverse as credit card charges to holiday photography services. Sophos has seen emails promising parking permits, suggesting an appointment is being confirmed, insisting various e-billing is ready, confirming orders for various items. All of which are designed to prey on the curiosity of the recipient, often making them think there is something they might have to pay for if they do not respond or offering a peek at photos which purport to belong to someone else, for example. The end result can often be the successful leading of an innocent into downloading dangerous software onto their computers and handing over their credit card details.

Sophos has put together a video providing further information on fake anti-virus software:

[youtube]2DzBdhqB73I[/youtube]

Attachments antivirusfake.jpg 18.77KB
Member Avatar
Davey Winder

I'm a hacker turned writer and consultant, specialising in IT security. I've been a freelance word punk for over 20 years and along the way I have seen 23 of my books published, produced and presented programmes for TV and radio, picked up a bunch of awards and continue being a contributing editor with PC Pro - the best selling IT magazine in the UK .

 
0
 

Great video! It talks about getting to fake anti-virus sites from searches done. I have seen search results on Google where they have the result up there but there is a warning not to go there due to malware. Of course it makes sense for anyone with a PC to have good anti-virus software already on it. I have seen these warnings with pictures that Google has for search results. I have clicked on to see what happens and my anti-virus software blocks it.

Also I read that Windows 7 has anti-spyware software built in callled defender. I tried to use it to do a scan but it was turned off. So I figured that when I installed the Norton Anti-Virus, that it turned off defender.

LastMitch
Deleted Member
 
0
 

These attacks take the usual form of pop-ups warning that your computer is infected and offering to remove the threats for a software registration fee. "A scam like this can be extremely successful at passing revenue directly and quickly into the hands of hackers - so we all have to be on our guard," said Graham Cluley, senior technology consultant at Sophos. "The attacks are designed to trick people into paying to remove threats from their computer that never really existed in the first place. Once a user's computer is infected with fake anti-virus, the software will continue to bombard the user with bogus warning messages to encourage them to pay for threats to be removed or install more malicious code onto their PC. If computer users are concerned about the security of their machine, they should go directly to a legitimate IT security site, rather than put their trust in a criminal hacking gang."

I never experience that but I heard it does crash your system.

Isn't it about time forums rewarded their contributors?

Earn rewards points for helping others. Gain kudos. Cash out. Get better answers yourself.

It's as simple as contributing editorial or replying to discussions labeled or OP Kudos

You
This is an OP Kudos discussion and contributors may be rewarded
Post:
Start New Discussion
View similar articles that have also been tagged: