Cyber Criminals still prefer to lure users with Fake Antivirus or scareware into purchasing the fake AV that will allegedly remove the virus from their computer, as it is very effective method.
Recently, Symantec researcher come across a spam mail that promotes a fake Antivirus contained links to one of the 300 compromised domains, which then redirect victim to the fake AV site.
Once users is landed on the page, the user is greeted with a JavaScript alert message, whereby the fake antivirus "Windows Secure Kit 2012" claims that your machine is infected. Clicking the 'ok' button will start the fake scan and detects plenty of viruses.
When the scan is completed, the users is offered with an option to removing all the found malware. If suppose user try to close the page, the page warns user about the risk.
If user clicks the 'Remove All' button, it downloads a malicious executable file. When the file is being executed, professional-looking screen is displayed and identifies several infections.
The fake AV will constantly alert users with false notifications informing that a program has been blocked from stealing their data, that identity theft is in process, or even tries to scare them with prosecution. If user click the 'prevent attack' button, the victim will be urged to buy fake AV for $99.90.
To avoid getting infected with fake antivirus software, ensure you keep your operating system, Web browser, and antivirus software up to date with all security patches.
Recently, Symantec researcher come across a spam mail that promotes a fake Antivirus contained links to one of the 300 compromised domains, which then redirect victim to the fake AV site.
Once users is landed on the page, the user is greeted with a JavaScript alert message, whereby the fake antivirus "Windows Secure Kit 2012" claims that your machine is infected. Clicking the 'ok' button will start the fake scan and detects plenty of viruses.
When the scan is completed, the users is offered with an option to removing all the found malware. If suppose user try to close the page, the page warns user about the risk.
If user clicks the 'Remove All' button, it downloads a malicious executable file. When the file is being executed, professional-looking screen is displayed and identifies several infections.
The fake AV will constantly alert users with false notifications informing that a program has been blocked from stealing their data, that identity theft is in process, or even tries to scare them with prosecution. If user click the 'prevent attack' button, the victim will be urged to buy fake AV for $99.90.
To avoid getting infected with fake antivirus software, ensure you keep your operating system, Web browser, and antivirus software up to date with all security patches.
