Posts Tagged: fakealert


Fake Microsoft Security Scam

by

Recently we have seen an increase in fake Microsoft scams, which function by tricking people into thinking that their PC is infected.  With these types of scams there are a number of things to remember. 1.       Microsoft will never call you telling you that your PC is infected 2.       Never allow strangers to connect to your PC 3.       Do not give any credit card info to somebody claiming to be from Microsoft 4.       If in doubt, shut down your PC and call Webroot The current scam will display a webpage that is very similar to the one in Figure 1. […]

Continue Reading »

’30 Rock’ Phrase ‘Circulus et Pruna’ Draws Fakealerts

by

Every search result on the first page (and most of the second page) of results for “circulus et pruna” leads to a Fakealert trap.

Continue Reading »

Fakealerts Invade Google Image Search Results for ’24′ Star

by

Searchers beware: Those photos of celebrities or funny cat pictures that turn up in your Google image search results might not be photos at all, but fake antivirus alerts. Evidence appears to indicate that a similar scam to one we blogged about last November may be working its way up the Google food chain into other forms of search results. While searching for photos of Annie Wersching, an actress who recently joined the cast of the TV show 24, we stumbled into one of these javascript-enabled fakealert browser traps. Oddly enough, when you click one of these bogus linked pictures […]

Continue Reading »

Fakealerts: Building a Better Mousetrap

by

In general, the use of fakealerts – those bogus warnings that look like your PC has started some sort of antivirus scan on its own, then predict imminent doom if you don’t buy some snake oil product right this minute — is on the rise. Fakealerts constitute a particularly effective social engineering trick, earning the makers of bogus, ineffective “antivirus” programs millions of dollars (and the scorn of victims) in the process. So it should come as no surprise that the fakealerts themselves have gone through some technological advances in the past year. In the past few months, the fakealert-makers […]

Continue Reading »

Rogues Mug Big Bird on his Birthday

by

In a move sure to raise the ire of Sesame Street fans everywhere, the black hat SEO gangs that have been manipulating Google results for the better part of the year have seized on a new target from which they’ve launched their current salvo of rogue antivirus guano. That’s right, the lovable, giant jaundiced avian friend to child and adult alike is being used to hijack searches and rope unsuspecting users into a vortex of popups and fake scans. They have besmirched Big Bird. And on his birthday, of all days. Have the rogue AV purveyors no shame? Actually, they’ve […]

Continue Reading »

Roman Polanski Arrest Spawns Headline-Hooking Rogues

by

By Andrew Brandt and Brenden Vaughan As we’ve seen for the past several months, a celebrity ended up the top news story, which started a cascade of malware distributors racing to get their driveby pages to the top of search results. Today’s victim/subject is Roman Polanski, the renowned film director arrested on decades old charges of statutory rape. This kind of gossipy, tabloid headline is like candy for rogue antivirus distributors. We began our search the minute we found out the news, and yes, within about half an hour of the story breaking, the pages began appearing in the search […]

Continue Reading »

One Click, and the Exploit Kit’s Got You

by

After all the brouhaha surrounding the NYTimes.com website hosting ads which spawned rogue antivirus Fakealerts last weekend, I spent a considerable amount of time looking at so-called exploit kits this week. These are packages, made up of custom made Web pages (typically coded in the PHP scripting language), which perform a linchpin activity for malware distributors. Namely, they deliver the infection to the victim, using the most effective methods, based on parameters which help identify particular vulnerabilities in the victim’s browser, operating system, or applications. There’s no indication that an exploit kit was used by the attackers in the NYTimes.com […]

Continue Reading »

Rogues Impersonate Google, Firefox Security Alerts

by

In the past week, we’ve begun to see new fakealerts — those disturbingly effective, entirely bogus “virus warning” messages — that appear to impersonate the appearance and text of legitimate warning dialogs you might see while surfing with the Firefox browser, or searching Google. The dialog, in a stern, red dialog box on a gray background, reads “Warning! Visiting this site may harm your computer!” — a dialog that appears to be designed to evoke the look of a Google’s Safe Browsing advisory as displayed in Firefox. Cast as a kind of split between a warning message and a clickwrap […]

Continue Reading »

Jackson/Fawcett Malware is Extortion-ware

by

As I reported yesterday, searches for information about the deaths of Michael Jackson or Farrah Fawcett were turning up links to malware. This came as no surprise to anyone, though the speed with which the links spread was astonishing: Within minutes of the first confirmation that Jackson had succumbed to a heart attack, the first malicious blog posts began popping up in search results. We’re continuing to monitor hundreds of malicious sites touting news of Jackson’s demise — and new malicious blogs are coming up as fast as the blog services can shut them off. The first site we encountered […]

Continue Reading »

Drive-by Downloads Still Pack a Punch – If You Click

by

In the course of surfing around, looking for ways to get infected, I stumbled upon a site that offers visitors downloads of key generators, cracks, and other ways to circumvent the process used by most legitimate software companies to prevent people who didn’t pay for the software from registering or using it. And of course, I stumbled into a morass of malware. Well, “stumbled” isn’t entirely accurate. The site is well-known to us as a host of drive-by downloads — it’s a site that uses browser exploits to infect your computer. But I went there anyway just to see what […]

Continue Reading »