Microsoft takes aim at fake antivirus software

[Matthew DeCarlo]

This week Microsoft’s Malicious Software Removal Tool received an update to detect a fake antivirus program known as “Win32/InternetAntivirus.” By alerting unsuspecting users to false claims of detected malware, they were frightened into buying “security software.” Win32/InternetAntivirus seemed legitimate to inexperienced users because it mimics the look of Windows Security Center.

Not only was the application scamming users out of money, but it also deployed another program called “TrojanSpy:Win32/Chadem” in an attempt to steal FTP usernames and passwords. If successful, the compromised systems were being used to host malware. According to a Microsoft blog post, the people behind this program use and register new domain names every day such as scanfan4.info and star4scan.info.

Fake malware warnings have become a common method of luring innocent users into buying illegitimate software. It’s nice to see Microsoft taking a step toward preventing the attacks, but it’s obviously an endless game of cat and mouse. I would like to offer a heads up to our less experienced readers: learn the name of and how to use your actual antimalware software and only follow its warnings. Don’t fall prey to these fallacious messages.

Permalink to story.

https://www.techspot.com/news/35047-microsoft-takes-aim-at-fake-antivirus-software.html

 

[oinari]

It's kind of crazy that people are still falling for scams like that.

 

[9Nails]

In some that I've seen, they're using screen shots of real software and putting flash over it to make it look like it's really scanning your files. It's all convincing if you don't understand the directories that it's pretending to scan. They do this for a short while the it shows 400 bad things that you find offensive and want to get rid of right away. There's the hook - the promise that something will work better for a small fee.