Webroot® Threat Advisory: Hackers Using Continental Flight 1404 Headlines To Scam Online News-Seekers

Rogue Applications Trick Users Into Purchasing Phony Software And Sharing Personal Information; Hacks Extend Into Other Breaking News Topics

Boulder, CO – December 23, 2008

Webroot, a leading provider of security solutions for the consumer, enterprise and SMB markets, has detected a new string of rogue antivirus applications that use URLs related to Continental Flight 1404 and other current news to manipulate consumers into purchasing phony Internet security protection. The URLs link to a download site which triggers a series of fake infection and firewall pop-up messages, bearing the generic name "Spyware Guard 2008."

"Cybercriminals are capitalizing on the Continental Flight 1404 incident and other news catching the nation's attention, including NFL game results and regional holiday events, and they're programming fraudulent Web site links to appear near the top of search engine results," said Paul Lipman, senior vice president and general manager of Webroot's Desktop Business. "As a result, consumers can easily click on a link that leads to deceptive messaging from a seemingly trusted source, and subsequently share personal information to purchase fake software. We encourage anyone searching for news online to be skeptical of unfamiliar URLs, and to protect themselves by having a legitimate antispyware, antivirus and firewall software in place."

According to Webroot's Threat Research team, many rogue antimalware applications use tactics to appear as if the product comes from a trusted security company in order to convince users into downloading and purchasing the product. Users find the Web site downloading this rogue application through a Google search further projecting an aura of trust. With this new string, users receive a series of fake "Spyware Guard 2008" messages distributed by a download site called frelatig.com.

Webroot has developed a set of recommendations for users to prevent this type of malware attack.


©2014 Webroot Inc. All rights reserved. Webroot, SecureAnywhere, and Webroot SecureAnywhere are trademarks or registered trademarks of Webroot Inc. in the United States and other countries.

SOBRE WEBROOT

Webroot® is the market leader in cloud-based, real-time internet threat detection for consumers, businesses and enterprises. We have revolutionized internet security to protect all the ways users connect online. Webroot delivers real-time advanced internet threat protection to customers through its BrightCloud® security intelligence platform, and its SecureAnywhere™ suite of cloud-based security products for endpoints, mobile devices and corporate networks. Mais de 7 milhões de consumidores, 1,5 milhões de utilizadores empresariais e 1,3 milhões de utilizadores móveis encontram-se protegidos pela Webroot. Market-leading security companies, including Cisco, F5 Networks, GateProtect, HP, Microsoft, Palo Alto Networks, Proofpoint, RSA and others choose Webroot to provide advanced Internet threat protection for their products and services. Founded in 1997 and headquartered in Colorado, Webroot is the largest privately held internet Security Company in the United States – operating globally across North America, Europe and the Asia Pacific region. For more information on our products and services, visit www.webroot.com.