Bogus AV Purveyors Using Fake Yahoo! Answers Website
BKIS the security vendor in Vietnam cautions of scareware (fake anti-virus) purveyors who are spreading malicious web-links on portals for Q&A (questions and answers), which take users' onto spoofed Yahoo Answers websites.
Essentially, leading onto a .tk web-domain, which has "answers" and "yahoo" as words within its name, the domain serves a message containing the same words, while either stating that the URL http://answers-yahoo-z.tk is likely to help the visitor, or that the visitor may get the answer from a link (as given).
But on hitting these web-links, a site opens up that resembles the Yahoo Answers site prompting the visitor to take down the answer that, however, is an .exe document.
State security researchers at BKIS who studied the assault, the executable serves as an installer pulling down scareware obtainable on the Security Shield group.
This scareware, characteristically, is created for frightening end-users into becoming convinced that malware has crept into their PCs, via exhibiting phony warnings. Moreover, using the scareware for allegedly removing the malware only produces an error that asserts that the full edition of the fake anti-virus is required, which requires obtaining an authorized key. Generally, the outcome for users when the scareware infection sets in is loss of own payment card information to scammers.
Indeed according to security researchers, the above kind of assaults like the one impacting the Yahoo! Answers websites currently causes an enormous pressure on the user besides installing malware on his computer.
The researchers remark that they observed scareware scams to increase drastically, essentially because they're very effective. According to them, people generally are skeptical of their PCs as also ID theft, which hackers exploit for own gain.
The increased number of scareware campaigns towards 2010 end that's reportedly 40% of all malware, say a few security firms has resulted in people demanding solely tougher imprisonments for assisting in solving the issue in the form of a prevention vis-à-vis the miscreants.
Conclusively, while trying to foil the above kinds of scareware campaigns, security researchers recommend that end-users should deploy security software obtainable from an authorized vendor as also always remain watchful when browsing websites.
Related article: Bugs Swell In Browsers in 2006
» SPAMfighter News - 17-05-2011