Seven Ways to fight Scare-Ware

Have you encountered this before: a pop-up pops and it looks like a window on your computer. Next thing a scan begins. It often grabs a screenshot of your “My Computer” window mimicking your computers characteristics then tricking you into clicking on links. The scan tells you that a virus has infected your computer. And for low price of “$49.95” you can download software that magically appears just in time to save the day. If you not to  download and install the software, your computer goes crazy and pop-ups will invade you like bedbugs in New York City hotel.

Information Week reports those behind a new fake antivirus software have added a new social engineering element — live support agents. The rogue software comes equipped with a customer support link leading to a live session with the bad guy. Real scammers on the other end of chat have the ability to offer live remote access support instructed by support to click a link initiating remote access to their computer.  Once connected remotely, the scammer can potentially retrieve documents to steal your identity.

Another new twist on the scam involves a popup in the form of a browser with a warning that looks like what your browser may present to you when you visit a page that might have an expired security certificate, malware warning or be a potential phishing site. The page is usually red with a warning: “Visiting This Site May Harm Your Computer” then it provides you with a link, button or pop-up that gives you the option of downloading security software or to update your browsers security.

The software is sometimes known as “AntiVirus2010” “WinFixer,” “WinAntivirus,” “DriveCleaner,” “WinAntispyware,” “AntivirusXP” and “XP Antivirus 2010” or something like “Security Toolkit”. These are actually viruses or spyware that infect your computer, or just junk software that does nothing of value.

What makes the scam so believable is there is actual follow through of the purchasing of software that is supposed to protect you. There is a shopping cart, an order form, credit card processing and a download, just like any online software purchase.

Protect yourself:

1. Use the most updated browser: Internet Explorer 8, Chrome or Firefox, download the latest and greatest. At least download whatever security updates there are for your exiting browser. Also keep Flash and Adobe Reader (Acrobat) up to date.

2. Usually by default, a pop-up blocker is turned on in new browsers. Keep it on. No pop-ups, no scare-ware.

3. If you are using another browser and a pop-up –pops-up, shut down your browser. If the pop-up won’t let you shut it down, do a Ctrl-Alt-Delete and shut down the browser that way.

4. Never click links in pop-ups.  If the pop-ups are out of your control, do a hard shutdown before you start clicking links.

5. Persistence counts. Shutting off this pop-up is often difficult and any buttons you press within this pop-up could mean downloading the exact virus they warned you of.

6. Install the most recent versions of anti-virus and keep it set to automatically update your virus definitions.

7.  Never click on links in the body of a “WARNING” webpage that is suggesting to download updates for your browser or suggesting to download security software. Don’t click the little red X in the upper right corner. Alt-F4 should close the pop-up window, and if it does not, then Ctrl-Alt-Del and use the Task Manager to kill the whole IE/FF browser etc (including any other running copies)

adapted via finextra.com.

  • 10/29/2010
  • IT