Webroot® Threat Advisory: Hackers Using Continental Flight 1404 Headlines To Scam Online News-Seekers

Rogue Applications Trick Users Into Purchasing Phony Software And Sharing Personal Information; Hacks Extend Into Other Breaking News Topics

Boulder, CO – December 23, 2008

Webroot, a leading provider of security solutions for the consumer, enterprise and SMB markets, has detected a new string of rogue antivirus applications that use URLs related to Continental Flight 1404 and other current news to manipulate consumers into purchasing phony Internet security protection. The URLs link to a download site which triggers a series of fake infection and firewall pop-up messages, bearing the generic name "Spyware Guard 2008."

"Cybercriminals are capitalizing on the Continental Flight 1404 incident and other news catching the nation's attention, including NFL game results and regional holiday events, and they're programming fraudulent Web site links to appear near the top of search engine results," said Paul Lipman, senior vice president and general manager of Webroot's Desktop Business. "As a result, consumers can easily click on a link that leads to deceptive messaging from a seemingly trusted source, and subsequently share personal information to purchase fake software. We encourage anyone searching for news online to be skeptical of unfamiliar URLs, and to protect themselves by having a legitimate antispyware, antivirus and firewall software in place."

According to Webroot's Threat Research team, many rogue antimalware applications use tactics to appear as if the product comes from a trusted security company in order to convince users into downloading and purchasing the product. Users find the Web site downloading this rogue application through a Google search further projecting an aura of trust. With this new string, users receive a series of fake "Spyware Guard 2008" messages distributed by a download site called frelatig.com.

Webroot has developed a set of recommendations for users to prevent this type of malware attack.


©2014 Webroot Inc. All rights reserved. Webroot, SecureAnywhere, and Webroot SecureAnywhere are trademarks or registered trademarks of Webroot Inc. in the United States and other countries.

OVER WEBROOT

Webroot® is the market leader in cloud delivered security software as a service (SaaS) solutions for consumers, businesses and enterprises. We have revolutionized Internet security to protect all the ways you connect online. Webroot delivers real-time advanced internet threat protection to customers through its BrightCloud® security intelligence platform, and its SecureAnywhere™ suite of cloud-based security products for endpoints, mobile devices and corporate networks. Meer dan 7 miljoen consumenten, 1,5 miljoen zakelijke gebruikers en 1,3 miljoen mobiele gebruikers worden beschermd door Webroot. Market leading security companies, including Cisco, F5, gateprotect, Palo Alto Networks, RSA, SOTI, Telenor, and others choose Webroot to provide advanced Internet threat protection for their products and services. Webroot, dat werd opgericht in 1997 en zijn hoofdkantoor in Colorado heeft, is het grootste onafhankelijke internetbeveiligingsbedrijf in de Verenigde Staten en is wereldwijd actief in Noord-Amerika, Europa en de regio Azië-Pacific. For more information on our products and services, visit www.webroot.com.