Posted on 03/22/2009 10:46:03 PM PDT by JoeProBono
Makers of fake anti-virus software are exploiting search engines to drive people to sites peddling 'scareware'.
Using popular and mis-spelled search terms, the criminals divert people to sites that are seeded with fake warnings about virus infections.
The pop-up warnings claim that a visitor's PC is riddled with malicious programmes and spyware.
Research suggests some criminals are making as much as $10,000 a day from fake security software.
(Excerpt) Read more at news.bbc.co.uk ...
An example of scareware.
Figure 1 - Scareware pop-upmessage masquerades itself as legitimate Windows Security Alert with warning about "Trojan-Clicker.Win32.Tiny.h"
At first glance, these messages appeared legitimate with technical information and its graphical interface consistent with most Microsoft Windows.
However, when the “Enable Protection” button is clicked, it hijacks user’s web browser to a website, www.antispyware-review.biz, which sells rogue software PC Antispy & PC Clean Pro.
To make this post I booted a computer normally used by Windows with a Puppy Linux CD. Since the CD drive is read only there simply is no way any virus could ever take hold. Amazing how people will stick with a weaker choice simply because they are use to it.
I also use Puppy Linux .
A friend of mine’s computer got one of these that emulated Norton & Windows security. I took me forever to get rid of it, and I had to switch him from IE to Firefox.
The popup in figure one is from the Messenger Service which is one of the many security flaws in windows. You can get rid of them by:
start, Control panel, performance and maintenance (if you are in category view), administrative tools, services. From here you find “messenger service”, right click on it, and choose to stop the service.
There are programs that show up on the messenger service that will stop the service for you, but they cost $20. And while I support entrepreneurial spirit as much as the next man, I also support self reliance, so do it yourself.
There are a few other scam ware (or rogue programs) that try to swindle you out of money. Internet Anti virus 2009, Anti virus 360 and Internet Anti virus pro are just a few of them. Anti virus 360 in particular is bad because it tells you your computer is infected and it will gladly take care of the problem for a mere $99. It won’t take care of the problem, of course. They just run off with your money. And if you ignore it, your computer’s performance will degrade until the computer is not usable any more.
Hope this helps people. I work in tech support so I get news like this all the time.
Thx!
(as if anybody cares)
;-}
I usually use Puppy in my laptop when I’m in public locations. The combination of fast boot and Linux security can’t be beat. I generally use Windows at home.
Might just save you time, and govt property aka money.
I use a Mac and landed on a screen like that and by clicking on the Red Exit it actually tried to launch the program and I had to do a hard shut down to clear the screen...
I just spent a weekend reinstalling a Windows installation for family member that had somehow been compromised with something like this (although their insistence on using IE might have something to do with it) The symptoms were a bit atypical. Their desktop got a notice in the tray Notification Area that said the machine was infected and that they needed Windows Antivirus 2009, after which it blue-screened and wouldn't let him back into Windows. He realized soemthing was up and yanked the network cable.
I was able to get into Windows with a System Restore point, Task Manager was inaccessible and the properties on his My Documents showed the Size on disk and number of files increasing by the second, which was enough to persuade me to immediately reboot and try it from Safe Mode. From there I discovered that whatever it was had deleted the HijackThis I had previously installed. Norton (ptoo!) was completely trashed, (which is actually redundant now that I think about it...) A fresh install of HijackThis showed at least a hundred new entries into the Run keys in the registry, all with nonsensical names.
Now I'm of the firm opinion that once a system is compromised by malware there is no "Cleaning" it as you never know that what you did find isn't secretly installing something stealthier, but this one was obviously past even that argument. So reinstallation it was. Dumped Norton (ptoo!) got him on Zone Alarm, Avira, Spybot with TeaTimer, and Firefox with periodic HijackThis checks thrown in.
Both he and the Mrs. swear they didn't download and/or install anything, and I believe them. Heck, she was on a knitting site when the notification popped up.
Yikes. The only time I run MS windows and allow it to connect to the internet, is when it’s within a virtual window. If something happens to that installation, I simply delete the folder and start over.
I use firefox, and it shows the URL of the link when you hover the mouse over it.
I've gotten into the habit of just hovering over every link I'm about to click on just to examine the link before I click on anything.
It's saved me from several decent-looking scams in the past. :)
How do you get it to do that? I'm using FF 2.0 and it doesn't show the URL. Is it just turned off somewhere? Thanks.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.