Original post on Sophos. Author – Chester Wisniewski
We are seeing the criminals behind fake anti-virus continuing to customize their social engineering attacks to be more believable to users and presumably more successful.
Last week I wrote about fake Firefox malware warnings leading users to rogue security software. This week they’ve started to imitate Microsoft Update.
The page is nearly an exact replica of the real Microsoft Update page with one major exception… It only comes up when surfing from Firefox on Windows. The real Microsoft Update requires Internet Explorer.
The same site was also hosting the traditional Windows XP explorer scanner we have seen for years, as well as a new Windows 7 scanner.
Similar to spam messages that have corrected their grammar and use correct imagery and CSS, the attackers selling fake anti-virus are getting more professional.
They use high quality graphics and are using information from our UserAgent strings that are sent by the browser to customize your malware experience.
Just like visiting your bank you should only trust security alerts in your browser if you initiated a check with Microsoft, Adobe, Sophos or any other vendor for updates to their software.
Related articles
- Blackhat SEO and Fake anti-virus – Like chocolate and peanut butter (blogoholic.in)
- More Mac malware – top tips for avoiding infection (nakedsecurity.sophos.com)
- Microsoft Updates Bing Mobile (thenextweb.com)
- Saving Your Computer from Attack! (godofnothingnow.wordpress.com)
- New Microsoft Safety Scanner tool cleans over 20,000 machines in a week (winrumors.com)
- How do I protect my PC while surfing the net? (ask.metafilter.com)
Comments
Powered by Facebook Comments
I’ve been looking for precisely this information. Although I was expecting to come across this content I am genuinely amazed that your blog was so easy to locate and ways in which it perfectly when compared to my own , personal experience.
I’ve recently been browsing for specifically this information. Even though I was hoping to locate this content I’m definitely surprised that your particular blog was so easy to find and how it perfectly in comparison to my personal experience.
Anytime I study a subject I’ve no clue what i might discover. I am so pleased to have stumbled upon your complete writing as it flawlessly addresses the concerns I have in mind and also the unspoken concerns which i might have looked for later.
Almost everyone has overlooked this core concept. I had been confused and your posting cut through the common idea that only demonstrate deficiency of substance. I hope for another post around these subjects shortly!
[...] Fake anti-virus cloaks itself to appear to be Microsoft Update (blogoholic.in) [...]
Almost everyone has missed this middle notion. It only required a few moments to study your entry and so I have a preliminary understanding that I know many people overlook. Don’t stop publishing at this quality.