" />

Tech Geek and More

Technology Explained for All

Sponsor Ad IDrive Remote Backup

Tag Archives: ALERT from Panda Labs

Alert: Be careful shopping this coming Cyber Monday (11/29) as the bad guys are looking for easy victims

computer%20science As always the bad guys are online, out to try and steal from unknowing victims this holiday season.  With the popularity of Online Shopping, it has never been easier for a bad guy to steal from you without ever having to leave his home.  The following post below comes from Panda Labs (LINK: http://pandalabs.pandasecurity.com/blackhat-friday-and-cybercrime-monday/ (http://pandalabs NULL.pandasecurity NULL.com/blackhat-friday-and-cybercrime-monday/) ), showing how crooks are manipulating search engines to trick users.  As always, just because you are shopping online that doesn’t mean that you don’t have top pay attention.  Always make sure to keep your Cyber Guard up.

*******************************************************************************************************************************************

Black(hat) Friday and Cyber(crime) Monday

  • by Sean-Paul Correll (http://pandalabs NULL.pandasecurity NULL.com/author/sean-paul-correll/)

You may be in for more than you bargained for if you plan on looking for the latest Black Friday or Cyber Monday deals online.  Cyber criminals are quick to capitalize on new opportunities and have already done so by optimizing their Blackhat SEO campaigns to infect those looking for those hot ticket item deals.

The following image is a malicious search result aimed at innocent users looking for Black Friday deals at a popular U.S. based retail chain:

Best Buy/Black Friday Malicious Search Result (http://pandalabs NULL.pandasecurity NULL.com/wp-content/uploads/2010/11/bestbuy_malicious_search NULL.png)

Best Buy/Black Friday Malicious Search Result

Clicking on the link in the Firefox browser will redirect you to a fake Firefox “update” website, which will then infect your computer with fake antivirus software:

Fake Firefox Update Website (http://pandalabs NULL.pandasecurity NULL.com/wp-content/uploads/2010/11/fakefirefoxupdate NULL.png)

Fake Firefox Update Website

Clicking the link in Internet Explorer (or any other browser) will lead you directly to the fake antivirus scan page:

Rogueware "Fake Antivirus" Page (http://pandalabs NULL.pandasecurity NULL.com/wp-content/uploads/2010/11/Roguewarepage NULL.png)

Rogueware “Fake Antivirus” Page

ALERT: Fake Antivirus software really adware meant to take your money $$$

pandalabs_security Story (and pictures) from the Panda Labs website (LINK: http://www.pandasecurity.com/emailhtml/oxygen/022809_ENG_in.htm (http://www NULL.pandasecurity NULL.com/emailhtml/oxygen/022809_ENG_in NULL.htm))

Anti-Virus-1: A new fake antivirus

Anti-Virus-1 is adware, specifically a "fake antivirus". As with all such adware, it is designed to simulate a scan of the computer, supposedly detecting thousands of strains of (non-existent) malware. The end aim is to sell users a pay version of the fake antivirus in order to eliminate the threats.

When run, this adware warns the user that the computer is not protected. The main screen displayed (http://www NULL.flickr NULL.com/photos/panda_security/3313653378/) is a spoof of the Window Security Center

3313653378_e9307e88f8

It then pretends to scan the system for malware (http://www NULL.flickr NULL.com/photos/panda_security/3313653384/). If users do not immediately take the bait and buy the pay version of the fake antivirus, the malicious code will sporadically display a message reminding the user that the computer is infected (http://www NULL.flickr NULL.com/photos/panda_security/3313653386/)

3313653386_d7d2477df1

In warning messages, and after the fake scan, a link is provided from which users can download the fake antivirus. Anyone clicking on the link will be redirected to a page like this (http://www NULL.flickr NULL.com/photos/panda_security/3313653390/).

3313653390_a9554b8264

Additionally, when infected users visit certain Web pages with comparative reviews of antivirus products, there will be redirected to a spoof page showing a review of an ‘antivirus’, called Antivirus2010, with functions and characteristics similar to Anti-Virus-1.

"By doing this, cyber-crooks hope that users will download this adware on their own initiative. This makes it far less likely that users will suspect that they have been infected and consequently more likely that they will buy the fake antivirus", explains Luis Corrons, Technical Director of Panda Labs.

Google Ads
View in: Mobile | Standard