Posts Tagged ‘scareware’

Earlier this month we talked bout “scareware“. One such attack recently was perpetrated through the popular social networking site Twitter. In fact, this week I have witnessed several different phishing schemes on Twitter.

1. Scareware Scam: Scammers were found to be using machine-generated Twitter accounts to post messages about popular topics. Each of these messages would include a link, often disguised using a link-shortening service (making it difficult to know where the link would lead). The link would lead to servers hosting fake Windows antivirus software.

2. DMs that Steal Logins: This second scam would use hacked accounts to send direct messages (DMs) to users. Clicking the link in the scam would take you to a fake login page in a ploy to steal your login information. This scam would then perpetrate to all the friends of the compromised account. Receiving direct messages with links from “friends” increases the likelihood these links will be clicked.

3. Baiting Users: I have witnessed attempts by several auto-generated accounts to bait particular users. To do so, they will accuse the user of something, such as a political stance, in repeated @ messages. This will be retweeted or continued by a whole series of other accounts. In all cases, the accounts will have other “real” looking tweets with links in them, trying to bait you to check the account and click the links.

In reference to the second scam, I know of individuals who had their accounts breached without handing over their passwords, so it’s imperative that anyone who has received direct messages with links not click those links. If you do, change your password right away and contact Twitter support to report the issue.

I myself have been baited by many of these schemes, but I never click the links. Here, for example, is one a “friend” sent me yesterday:

If you are unsure about a particular link, don’t click it. If it is a shortened URL, you can see what it leads to with a service such as LongURL. If you use Firefox and want added protection from cross-site scripting attacks, you can install the NoScript plugin.

Via mashable, computer world

Almost every internet user has encountered “scareware,” those fake anti-virus warnings that pop up with the intent of scaring people into believing that their computer is at risk of being infected or compromised in some way. 

Often, users are offered some sort of program (for a fee, of course) that will protect their computer from threats.  As if shelling out good money for these scams isn’t bad enough, it’s worsened by the fact that many of these products actually prevent real antivirus programs from operating properly.  In fact, some even block users from being able to access websites and tools that could help them remove the bad program.

Since there are legitimate online virus scanners on the internet, how is it possible to distinguish them from the fake ones?

Typically, you won’t come across a real virus scanner accidentally since they usually require people to agree to a variety of terms and conditions before they are given access to the tool.  Also, if you are a Mac user, a major clue might be that the scanner includes a “My Computer” window or some other pop up that is specific to Windows (for some reason, these scams tend to target PCs more often than Macs). 

There are a number of great resources for more information. 

• Mark Hyslop wrote a more in-depth article about scareware
• ZDnet offers a great guide to scareware protection

Here is a list of some legitimate online scanners:

• TrendMicro’s Housecall
• Kaspersky’s Online Malware Scanner
• F-Secure’s Online Malware Scanner
• ESET’s Online Malware Scanner
• BitDefender’s Online Malware Scanner
• PandaSecurity’s Cloud Antivirus
• McAfee’s Online Malware Scanner
• Rising’s Online Malware Scanner
• Dr. Web’s Online Malware Scanner
• Symantec’s Online Malware Scanner
• CA’s Online Malware Scanner

image: sxc.hu/svilen001