Phony Microsoft endorsement part of new scareware tactic

A variant of the infection that urges users to buy DefenceLab antivirus software now also directs them to a Microsoft support page

A new scareware package tries to sell bogus antivirus software to its victims using an apparent endorsement of the software by Microsoft.

A variant of the infection that urges users to buy DefenceLab antivirus software now also directs them to a Microsoft  support page where a display describes a new threat and recommends using DefenceLab antivirus to clear it and protect against it.

Rating the malware blockers

It's a real Microsoft support site, but it's the malware already running on users' infected computers that injects the threat warning and the endorsement of the antivirus software, according to a blog by Matt Kelchner, a researcher at Sunbelt Software.

The scam is intended to prod users into clicking a "Fix It" button that leads them to a site where they can buy the antivirus software.

This twist is an extension of an ongoing scareware epidemic. Malicious software is downloaded to victims' machines and pops up warnings that the computer has been scanned and found to be infected. It then pops up windows urging them to buy antivirus software that can get rid of the problem.

The problem reportedly does go away, but experts say that doesn't mean the virus that created it is removed and won't cause more problems later.

Similar Trojans have been around for years and are among the "cash cows" identified by Cisco in its annual report on cybercrime. Other variants of these Trojans have encrypted files on victims' computers and basically held them for ransom. If users want to decrypt them, they have to fork over $40 to buy antimalware forced on them by the malware.

The criminals behind the malware also poison Google search results so when victims search for ways to remove the malware, sites for buying the bogus antivirus software come up first.

Join the Good Gear Guide newsletter!

Error: Please check your email address.

Tags ScarewareMicrosoftsecurity

Our Back to Business guide highlights the best products for you to boost your productivity at home, on the road, at the office, or in the classroom.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Tim Greene

Network World
Show Comments

Essentials

Lexar® JumpDrive® S57 USB 3.0 flash drive

Learn more >

Microsoft L5V-00027 Sculpt Ergonomic Keyboard Desktop

Learn more >

Mobile

Lexar® JumpDrive® S45 USB 3.0 flash drive 

Learn more >

Exec

Lexar® JumpDrive® C20c USB Type-C flash drive 

Learn more >

Audio-Technica ATH-ANC70 Noise Cancelling Headphones

Learn more >

HD Pan/Tilt Wi-Fi Camera with Night Vision NC450

Learn more >

Lexar® Professional 1800x microSDHC™/microSDXC™ UHS-II cards 

Learn more >

Budget

Back To Business Guide

Click for more ›

Most Popular Reviews

Latest News Articles

Resources

PCW Evaluation Team

Michael Hargreaves

Windows 10 for Business / Dell XPS

I’d happily recommend this touchscreen laptop and Windows 10 as a great way to get serious work done at a desk or on the road.

Aysha Strobbe

Windows 10 / HP Spectre

Ultimately, I think the Windows 10 environment is excellent for me as it caters for so many different uses. The inclusion of the Xbox app is also great for when you need some downtime too!

Mark Escubio

Windows 10 / Lenovo Yoga

For me, the Xbox Play Anywhere is a great new feature as it allows you to play your current Xbox games with higher resolutions and better graphics without forking out extra cash for another copy. Although available titles are still scarce, but I’m sure it will grow in time.

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?