You may have seen this before, it goes like this: a pop-up pops and it looks like a window on
your PC. Next thing a scan begins. It often grabs a screenshot of your “My Computer” window
mimicking your PCs characteristics then tricking you into clicking on links. The scan tells you
that a virus has infected your PC. And for $49.95 you can download software that magically
appears just in time to save the day.
From that point on if you don’t download and install the software, your computer goes kooky
and pop-ups will invade you like bedbugs in New York City.
Web pages may be infected or built to distribute scareware. The goal is to trick you into clicking
on links and download their crappy software.
Information Week reports those behind a new fake antivirus software have added a new social engineering element – live support agents who will try to convince potential victims that their PCs are infected and that payment is the cure.
The rogue software comes equipped with a customer support link leading to a live session with the bad guy. Real scammers on the other end of chat have the ability to offer live remote access support instructed by support to click a link initiating remote access to their PC. Once connected remotely, the scammer can potentially retrieve documents to steal your identity.
Another new twist on the scam involves a popup in the form of a browser with a warning that looks like what your browser may present to you when you visit a page that might have an expired security certificate, malware warning or be a potential phishing site. The page is usually red with a warning: “Visiting This Site May Harm Your Computer” then it provides you with a link, button or pop-up that gives you the option of downloading security software or to update your browsers security.
The software is sometimes known as “AntiVirus2010” “WinFixer,” “WinAntivirus,” “DriveCleaner,” “WinAntispyware,” “AntivirusXP” and “XP Antivirus 2010” or something like “Security Toolkit”. These are actually viruses or spyware that infect your PC, or just junk software that does nothing of value.
What makes the scam so believable is there is actual follow through of the purchasing of software that is supposed to protect you. There is a shopping cart, an order form, credit card processing and a download, just like any online software purchase.
#1 Use the most updated browser. Whether Internet Explorer 8, Chrome or Firefox, download the latest and greatest. At least download whatever security updates there are for your exiting browser.
#2 Usually by default, a pop-up blocker is turned on in new browsers. Keep it on. No pop-ups, no scareware.
#3 If you are using another browser and a pop-up -pops-up, shut down your browser. If the pop-up won’t let you shut it down, do a Ctrl-Alt-Delete and shut down the browser that way.
#4 Never click links in pop-ups. If the pop-ups are out of your control, do a hard shutdown before you start clicking links.
#5 Persistence counts. Shutting off this pop-up is often difficult and any buttons you press within this pop-up could mean downloading the exact virus they warned you of.
#6 Employ the most recent versions of anti-virus and keep it set to automatically update your virus definitions.
#7 Never click on links in the body of a “WARNING” webpage that is suggesting to download updates for your browser or suggesting to download security software. Just hit the little red X in the upper right corner.
Robert Siciliano personal security expert to Home Security Source discussing home security and identity theft on TBS Movie and a Makeover. Disclosures.