New Ways to Get Infected Online – Fake Update Downloads
By on October 7th, 2010

app-blocked2-ico Two days ago, the Symantec blog posted an article that describes how the newest and most successful malware and fake anti-spyware fools you into downloading it. The descriptions and images of these social engineering attacks are something you should see, so that you’ll know it when it happens to you.

Below are four images from the Symantec article. The first three show a web page with a fake warning to download updates. The last image shows you the payload, which is a fake anti-spyware program that tries to fool you into purchasing it (also known as scareware).

Image #1 download Firefox Secure Updates

fake-update-1

Image #2 download Updates

fake-update-2

Image #3 download Chrome Updates

fake-update-3

Image #4 resulting download scareware called Security Tool

fake-antispyware-1

Even though these images are a bit fuzzy, you can still see that they’ve done a good job of looking like legitimate warnings. The bad news is that this isn’t the scariest part. It gets worse.

According to the article, trying to cancel these warnings does no good. The fake warnings keep popping up. If you exit the page without downloading these updates, something even worse happens. They redirect you to a site that hits you with some heavy duty exploits that could infect your PC.

The Symantec article only tells you that their software and some common sense will keep you protected from these fake warnings.

If you want my advice, do the following if you think you are seeing a fake warning:

  1. Close the browser.
  2. Follow up with an anti-virus scan of your system.
  3. Use MalwareBytes Anti-malware to clean your system if you think you’ve been infected.
  4. If all else fails, and you’re certain you have a problem, go to an anti-spyware forum to get help. (SpywareWarrior and PC-Help are good)
  5. Optional tell me about your adventures, or comment below.

Update: Lorraine emailed me this link to removal instructions that helped her remove the “My Security Shield” scareware which looks like the “Security Tools” above.

[Source Symantec Blog]


Tags: , , ,
Author: Clif Sipe Google Profile for Clif Sipe
Promoting Freeware and Free information since 2004. Owner of FreewareWiki.com with over 2000 pages of freebies. Please subscribe to my Google Feed or follow me on Twitter @clifnotes.

Clif Sipe has written and can be contacted at clif@techie-buzz.com.

Leave a Reply

Name (required)

Website (optional)

 
    Warning: call_user_func() expects parameter 1 to be a valid callback, function 'advanced_comment' not found or invalid function name in /home/keith/techie-buzz.com/htdocs/wp-includes/comment-template.php on line 1694
 
Copyright 2006-2012 Techie Buzz. All Rights Reserved. Our content may not be reproduced on other websites. Content Delivery by MaxCDN