New False AV Identified by Symantec
According to Symantec, cybercriminals are using an e-mail scam to advertise fake antivirus software.
The security firm received a conspicuous application, Windows Risk Minimizer. The application has already taken a toll on over 300 compromised websites, as is evident from the malicious e-mails.
During the initial phase of the attack, a user who visits one of the compromised sites is warned by "window secure kit" of critical processes running on their system.
When the user hits the 'OK' button, a forged scan starts running automatically, purporting to detect the worm and Trojan infections that threaten the computer.
The only difference between this dubious e-mail and the earlier one is the presence of a Flash animation that assigns random virus names to random files on the system.
Once the scan is finished, a Windows Security dialog box appears with the findings of the scan. This dialog box can be separated, and the various damages listed can be selected or unselected.
As with many fake antivirus programs, if the user tries to close the window, they are warned of terrible consequences should the virus not be removed.
When the 'Remove all' button in the security alert window is clicked, the user is encouraged to download a malicious executable file. The executable file includes the Windows Risk Minimizer software, which, when opened, displays a professional-looking screen to the user.
Interestingly, the fake antivirus detects many viruses. When this window is closed, the malware repeatedly shows pop-up warnings and balloon messages in the notification area, which are designed to persuade the user that the computer is infected and that they need to invest in antivirus software worth $99.90.
The alerts displayed on the screen report a Google Chrome infection and accuse the user of violating the Stop Online Piracy Act (SOPA) legislation.
However, all these minute problems can supposedly be solved by simply purchasing the lifetime subscription and support for the fake AV, worth $99.90.
As such, users are advised to regularly update their OS, browser, and AV solution so that risks can be minimized.
» SPAMfighter News - 04-04-2012