New Ways to Get Infected Online – Fake Update Downloads

Two days ago, the Symantec blog posted an article that describes how the newest and most successful malware and fake anti-spyware fool you into downloading them. The descriptions and images of these social engineering attacks are something you should see, so that you’ll recognize one when it happens to you.

Below are four images from the Symantec article. The first three show a web page with a fake warning to download updates. The last image shows you the payload, which is a fake anti-spyware program that tries to fool you into purchasing it (also known as scareware).

Image #1 download Firefox Secure Updates


Image #2 download Updates


Image #3 download Chrome Updates


Image #4 resulting download scareware called Security Tool


Even though these images are a bit fuzzy, you can still see that they’ve done a good job of looking like legitimate warnings. The bad news is that this isn’t the scariest part. It gets worse.

According to the article, trying to cancel these warnings does no good. The fake warnings keep popping up. If you exit the page without downloading these updates, something even worse happens: you are redirected to a site that hits you with some heavy-duty exploits that could infect your PC.

The Symantec article only tells you that their software and some common sense will keep you protected from these fake warnings.

If you want my advice, do the following if you think you are seeing a fake warning:

  1. Close the browser.
  2. Follow up with an anti-virus scan of your system.
  3. Use MalwareBytes Anti-malware to clean your system if you think you’ve been infected.
  4. If all else fails, and you’re certain you have a problem, go to an anti-spyware forum to get help. (SpywareWarrior and PC-Help are good.)
  5. Optional: tell me about your adventures, or comment below.

Update: Lorraine emailed me this link to removal instructions that helped her remove the “My Security Shield” scareware, which looks like the “Security Tool” above.

