Computer Users Warned As Fake AV Attacks Hits The Web World
Sophos (an IT security and data protection firm) is cautioning computer users to beware of a new prevalent spam campaign intended to infect computers with bogus anti-virus products.
The e-mails seized include a diversity of numerous themes varying from free-to-view holiday pictures to credit card payments. These e-mails comes with subject line as: "Your Vistaprint Order Is Confirmed", "Parking Permit and/or Benefit Card Order Receipt - <random number>", "Vistaprint Canadian Tax Invoice (<random number>)" ,"You're invited to view my photos!", "Appointment Confirmation", "Vistaprint Canadian Tax Invoice (<random number>)", etc.
As per the security researchers at Sophos, it wouldn't be anything shocking at all if some of the netizens opened the attached files in these e-mails (which come with names like, Appointment Confirmation.html, Print this album.html, Benefit Card Order Receipt.html, e-bill.html, Vistaprint Order Invoice.html, and Tax Invoice.html).
If the receivers open the HTML attachment, with these e-mails, then their web browser will direct to a hacked website enclosing a malicious iFrame that lets the fake anti-virus attack to be initiate.
Sophos identifies the malicious e-mail attachments as Troj/JSRedir-CH, and the forged anti-virus attack as Mal/FakeAV-EI. Mal/FakeAV-EI usually conceals itself as a fake version of McAfee VirusScan.
The security firm said that the attacks were intended to scam people into paying to eradicate dangers out of their computers that actually never existed in the user's system. After a user's system has installed bogus anti-virus, the software will persist to deliver the user with fake warning alerts to persuade them to compensate for the threats to be eradicated or mount additional flaw onto their computers.
Commenting on the issue, Graham Cluley, Senior Technology Consultant at Sophos said that a scam like this could be extremely successful at passing revenue immediately and straightforwardly to the hackers, as reported by Info Security on August 26, 2010.
Sophos' security experts further stated that if netizens were worried about the safety of their machine, they must have directly reported to a legal IT security website, rather than just relying on a criminal hacking group.
Related article: Computer Virus Writers Adopt New Strategy
» SPAMfighter News - 28-08-2010