Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor

Hacked Website Contains Fake Anti-Virus Software

Sophos : 27 August, 2010  (Technical Article)
Sophos reminds e-mail users to beware of opening unknown file attachments as fake anti-virus spam campaign directs users to infected web site
IT security and data protection firm Sophos is warning computer users to be cautious in the wake of a widespread spam campaign designed to infect users with fake anti-virus products. If recipients open HTML files attached to the spam emails, their web browser will be directed to a hacked website containing a malicious iFrame that allows the fake anti-virus attack to be launched.

The emails that have been intercepted by SophosLabs have a variety of different themes ranging from credit card charges to free-to-view holiday photographs.

The emails have subject lines such as:

* Parking Permit and/or Benefit Card Order Receipt -
* You're invited to view my photos!
* Appointment Confirmation
* Your Bell e-bill is ready
* Your Vistaprint Order Is Confirmed
* Vistaprint Canadian Tax Invoice ()

'A scam like this can be extremely successful at passing revenue directly and quickly into the hands of hackers - so we all have to be on our guard,' said Graham Cluley, senior technology consultant at Sophos. 'The attacks are designed to trick people into paying to remove threats from their computer that never really existed in the first place. Once a user's computer is infected with fake anti-virus, the software will continue to bombard the user with bogus warning messages to encourage them to pay for threats to be removed or install more malicious code onto their PC. If computer users are concerned about the security of their machine, they should go directly to a legitimate IT security site, rather than put their trust in a criminal hacking gang.'

Sophos detects the malicious email attachments as Troj/JSRedir-CH, and the fake anti-virus attack as Mal/FakeAV-EI.

Fake anti-virus scams are usually very successful as hackers prey on human gullibility, poorly protected websites, and the tried-and-trusted trick of scaring users into believing that they have security problems on their PC. This can lead users into downloading dangerous software onto their computers and handing over their credit card details.
Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo