Posts Tagged ‘Windows Update’

Fake anti-virus cloaks itself to appear to be Microsoft Update

Published by pratyushkp on June 9th, 2011 - in Social, Technology

Original post on Sophos. Author – Chester Wisniewski

We are seeing the criminals behind fake anti-virus continuing to customize their social engineering attacks to be more believable to users and presumably more successful.

Last week I wrote about fake Firefox malware warnings leading users to rogue security software. This week they’ve started to imitate Microsoft Update.

The page is nearly an exact replica of the real Microsoft Update page with one major exception… It only comes up when surfing from Firefox on Windows. The real Microsoft Update requires Internet Explorer.

The same site was also hosting the traditional Windows XP explorer scanner we have seen for years, as well as a new Windows 7 scanner.

Similar to spam messages that have corrected their grammar and use correct imagery and CSS, the attackers selling fake anti-virus are getting more professional.

They use high quality graphics and are using information from our UserAgent strings that are sent by the browser to customize your malware experience.

Just like visiting your bank you should only trust security alerts in your browser if you initiated a check with Microsoft, Adobe, Sophos or any other vendor for updates to their software.

  • Blackhat SEO and Fake anti-virus – Like chocolate and peanut butter (blogoholic.in)
  • More Mac malware – top tips for avoiding infection (nakedsecurity.sophos.com)
  • Microsoft Updates Bing Mobile (thenextweb.com)
  • Saving Your Computer from Attack! (godofnothingnow.wordpress.com)
  • New Microsoft Safety Scanner tool cleans over 20,000 machines in a week (winrumors.com)
  • How do I protect my PC while surfing the net? (ask.metafilter.com)

Dad catches daughters on webcam: Beware viral Facebook video link

Published by pratyushkp on May 15th, 2011 - in Social, Technology
Image representing Facebook as depicted in Cru...

Image via CrunchBase

Facebook is being hit by another viral message, spreading between users’ walls disguised as a link to a saucy video.

The messages, which are spreading rapidly, use a variety of different links but all claim to be a movie of a dad catching his daughters making a video on their webcam:

Dad catches daughters on webcam message

[VIDEO] DAD CATCHES DAUGHTERS ON WEBCAM [OMGGGG].AVI
[LINK]
two naughty girls get caught in the WORST moment while making a vid on their webcam! omg!!

The messages also tag some of the victims’ Facebook friends, presumably in an attempt to spread the links more quickly across the social network.

If you make the mistake of clicking on the link you are taken to a webpage which shows a video thumbnail of two scantily clad young women on a bed. The page urges you to play the video, however doing so will post the Facebook message on your own wall as a “Like” and pass it to your friends.

Unfortunately, the new security improvements announced by Facebook this week fail to give any protection or warning about the attack.

Dad catches daughters on webcam message

When I tested the scam Sophos was presented with a (fake) message telling me that my Adobe Flash plugin had crashed and  needed to download a codec.

Dad catches daughters on webcam message

Codec downloadUsers should remember that they should only ever download updates to Adobe Flash from Adobe’s own website – not from anywhere else on the internet as you could be tricked into installing malware.

Ultimately, you may find your browser has been redirected to a webpage promoting a tool for changing your Facebook layout, called Profile Stylez and – on Windows at least – may find you have been prompted to install a program called FreeCodec.exe which really installs the Profile Stylez browser extension.

ProfileStylez

It’s certainly disappointing to see Facebook’s new security features fail at the first major outbreak – clearly there’s much more work which needs to be done to prevent these sorts of messages spreading rapidly across the social network, tricking users into clicking on links which could be designed to cause harm.

Source :- http://nakedsecurity.sophos.com

  • Dad catches daughters on webcam: Beware viral Facebook video link (nakedsecurity.sophos.com)
  • Facebook Scam Alert: Look what happens when Father catches Daughter on Webcam! (techie-buzz.com)
  • What is FouTube? Viral Facebook clickjacking video scams explored (nakedsecurity.sophos.com)
  • ALERT: Avoid ‘Father Catches Daughter On Webcam’ (allfacebook.com)
  • Beware of Fake Osama bin laden links on web! (trak.in)
  • Beware Video Osama Traps on Facebook (socyberty.com)
  • ““Shocking New Video of Osama Bin Laden’s Death†Facebook Spam” and related posts (teck.in)
  • Photo tagged as a Facebook bunnygirl? Beware viral scam (nakedsecurity.sophos.com)
  • Osama Bin Laden death video scam spreads virally on Facebook (nakedsecurity.sophos.com)
  • Osama Bin Laden death video scam spreads virally on Facebook (securitybloggersnetwork.com)
Tags: , Adobe Systems, Audio Video Interleave, , , , , , ,
© Social Media Blog