Cybercriminals continue to rely on their victims' naivety and inattention in order to trick them into imperiling their data. This time, the malware spreading mechanism is simple and classic: an email announces the release of a new free antivirus, which can be downloaded from an apparently legitimate software-buying site. At a closer look, the .com extension of the site was changed to a .net extension, which means that the browser is automatically redirected to another Web….and that’s the page which infects the computer with a fake antivirus.
The behavior of the malicious program starring in this case is comparable to that of other rogue antivirus solutions: when the user is redirected to the malware distribution Web page, the browser window automatically minimizes and a warning message is displayed at the same time. This message notifies the user about several alleged computer infections and it points out the necessity of installing a security solution.
By clicking either the Remove all or the Cancel buttons of the various pop-up windows appearing on the screen, the user activates a false demonstration that unfolds in the restored browser window. This demonstration imitates an on-going scanning process that detects oodles of malware in the system, while other fake pop-up windows attempt to trick the user into downloading the malicious program posing as the antivirus.
With each so-called scan, more and more notices of false detections place the user under the pressure of registering the rogue antivirus. Once installed, it modifies or irremediably damages the content of several system files and it conveys numerous pop-ups on sham system problems and fake infections, while also persistently asking the user to buy or renew a license.
To protect and avoid compromising your system and data, follow the five security tips below:
· install and activate a reliable antimalware, firewall solution and spam filter, such as those provided by BitDefender.
· update your antimalware, firewall and spam filter as frequently as possible, with the latest virus definitions and suspicious application/file signatures.
· scan your system frequently.
· regularly – download and install the latest security updates and malicious removal tools as well as other patches or fixes released by your operating system provider.
· do not download or save files from sources you don't know; run a complete antimalware scan before opening or copying any file to your system, even if the file comes from a trusted source.
All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of their respective owners.