Massive 'Fake AV' Attack Launched
Scareware campaign targets consumers' credit card information with bogus offers of free antivirus services, warns Sophos.
Slideshows: 12 CIOs' 'Career Killer' Pet Peeves
|(click for larger image and for full photo gallery)|
Opening the HTML file attached to the spam, however, redirects your browser to a hacked website that attempts to use a malicious iFrame -- or inline frame, for loading different HTML documents onto the same page -- to push scripts at a PC, which then downloads fake antivirus software. That's when the fun begins.
More Security Insights
- The Untapped Potential of Mobile Apps for Commercial Customers
- Get Actionable Insight with Security Intelligence for Mainframe Environments
- The 451 Group Impact Report: Skybox Enters Vulnerability Management Space
- Securing and Controlling Data in the Cloud
According to Sophos, fake AV -- aka scareware -- "is a class of malware that displays false alert messages to the victim concerning threats that do not really exist." Side effects may include continuous alerts and continuously being redirected to websites demanding payment. Whether you pay for the software or not, it doesn't do anything, and if you do pay, don't expect to be charged just once.
Scareware attacks have been around for years. But this new fake AV attack ups the ante by disguising itself as VirusScan, from legitimate antivirus vendor McAfee, as well as by the volume of spam being generated to help the attack circulate.
When it comes to online scams, fake AV persists because it's a consistent moneymaker. Another selling point for criminals is the low barrier entry. Fake AV attacks are relatively low-tech, relying more on social engineering -- and annoyance -- than cutting-edge coding.
"In this attack, the hackers are using a mixture of human gullibility, poorly protected websites, and the tried-and-trusted trick of scaring users into believing that they have security problems on their PC to con them into downloading more dangerous software or handing over their credit card details," said Graham Cluley, senior technology consultant at Sophos, on the Sophos blog.
Virtual desktops can give on-the-go employees access to the data and apps they need to survive. Read about that and the Defense Intelligence Agency's virtualization plans in InformationWeek's new all-digital supplement. Download it here (registration required).