Pop-Ups Fake Security AlertsPop-Ups Fake Security Alerts
Pop-ups try to fake users into downloading 'security software,' Trend Micro says
June 13, 2007
Next time you get a pop-up that alerts you to security troubles on your machine, beware.
There's been a surge in rogue anti-spyware applications, according to researchers at Trend Micro. The volume of these threats has jumped 500 percent -- from 2 to 10 percent of all infections Trend Micro has detected via its free HouseCall scanning service. The researchers say 10 percent of all new computers get infected by these rogue programs within the first 24 hours.
The latest attacks -- mainly aimed at less technically savvy home users -- use fraudulent security software as a lure, says George Moore, threat researcher for Trend Micro. It's a combination of social engineering and crafty pop-ups posing as Windows alerts. "Pushing fraudulent security applications is becoming increasingly popular."
Attackers can make anywhere from $30 to $80 a victim by selling them phony security tools, he says. "It looks, feels, and acts like legitimate software."
So far, it's mostly a money-making scheme, rather than a spam or bot-herding exercise. But the bad guys end up with your credit card information, so it's actually more dangerous. "They use several ways to get onto the machine -- through silent installs on emails, Google ads, IM, hacked MySpace pages, and fake video codecs that install the rogue application," he says.
The attackers are using hacked Web servers -- including some college sites -- to distribute their code, and they employ "bleeding-edge" Windows exploits as well, Moore adds. "I've seen some Websites where [rogue code] was elaborately written so it looks like a program on your local machine is saying your machine is infected." All it takes is for the user to click on a button to "clean" up the machine, and it becomes infected.
Moore says there are multiple gangs behind the rogue anti-spyware. One recent case came to a head with a class action lawsuit against WinFixer, which allegedly created dozens of these applications. The best defense is to be sure you have a legitimate security app running on your machine -- most of these tools can detect these so-called freeloader or parasite programs.
— Kelly Jackson Higgins, Senior Editor, Dark Reading
About the Author(s)
You May Also Like
Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication MethodsOct 26, 2023
Modern Supply Chain Security: Integrated, Interconnected, and Context-DrivenNov 06, 2023
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023
Passwords Are Passe: Next Gen Authentication Addresses Today's Threats
How to Deploy Zero Trust for Remote Workforce Security
What Ransomware Groups Look for in Enterprise Victims
How to Use Threat Intelligence to Mitigate Third-Party Risk
Securing the Remote Worker: How to Mitigate Off-Site Cyberattacks