Explore the latest news and trends  

Keep yourself up to date with one of the following options:

  • Explore more news around Spam/Phishing, Malware/Cyber-attacks and Antivirus
  • Receive news and special offers from SPAMfighter directly in your inbox.
  • Get free tips and tricks from our blog and improve your security when surfing the net.
Go
-->

Fake Antivirus ‘DefenceLab’ Circulating on Net

Security experts at Sunbelt have discovered that an online attack, which uses a new trick of social engineering, is offering actually fake antivirus scanners seemingly from Microsoft. The rogue anti-malware, named DefenceLab, diverts infected users to the Support site of Microsoft.

It inserts an HTML code into a displayed page from Microsoft.com. This page recommends that the visitor should use DefenceLab.

Roger Thompson, Chief Research Officer of AVG, states that the particular social engineering tactic has been intelligently used by hackers to turn many people into victims, as reported by Avast!webforum on December 10, 2009.

The security experts state that although DefenceLab advertises itself as a dependable security software, it is actually a fake AV product. The application claims that a large of users browsing CNET's Download.com has installed it. The trick is to persuade end-users to acquire and install its 'trialware'.

DefenceLab begins to advertise its supposed registered version. However, both DefenceLab's trialware and the registered version are fake and should be avoided, warn the experts.

Further, DefenceLab could be downloaded through bogus multimedia codecs. The program cheats computer users by exhibiting bogus results of virus scan, bogus security notifications, and pop-up ads.

Windows users, who are already infected by the scareware, are being persuaded to buy the supposed malware-cleaning software's full version. People accessing the URL indicated in the Windows Support portal that the scareware mentions, from an uninfected computer, receive a 'page-not-found' notice 404 times.

The strategy is based on a previous trick, which involved hijacking compromised computers' files so that the users' web-activities could be intercepted. The previous trick, through an attack, diverted Microsoft queries to certain compromised PC located in the UK.

Thompson commented that the two tricks actually highlighted the deceiving capacity of the miscreants. It was largely unexpected that they would modify html and manipulate Microsoft.com, wrote Thompson on AVG blogs dated December 10, 2009.

Thus, the experts recommend that users shouldn't become a victim of DefenceLab's trickery, but if they have already downloaded the program, they should get it cleaned with a dependable AV.

Related article: Fake Spam Mail Announces Australian PM’s Heart Attack

» SPAMfighter News - 22-12-2009

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Exchange Anti Spam Filter
Go back to previous page
Next