Alerts E-Threats

New Scareware Campaign Tricks Users with Fake Antivirus

A new type of scareware advertisement tricks users into believing their systems are infected and need expert help to remove the malware, Bitdefender warns.

The malware-spreading mechanism is quite simple: the fake AV ads pop up unexpectedly when browsing the web, after the user’s computer has been previously infected with adware. Malicious ads usually enter the system under the form of an innocent-looking browser extension or application which installs itself when downloading free programs such as games, system optimizers, file converters, and others.

phishing alert_2The fake messages are very alarming and urge users to dial a tech support number in order to remove the alleged viruses putting at risk their personal and financial data.

fake AV_finalThe dialogue boxes reappear even if users try to close them. Phishers cleverly used images instead of text in an attempt to bypass anti-phishing engines looking for fraud-related keywords.

Bitdefender Online Threats Researcher Marius Doroftei said:

“Calling the “free 24/7” toll number claims to put users in contact with a security expert, but cyber-crooks are hiding instead at the other end of the line. They can easily pose as a seller asking for money to deliver a security fix, gain remote access to the user’s system or even install spyware and other malicious programs to capture private data – this time for real. Phishers might even offer to help you get rid of well-known adware, like the one that got your system infected in the first place. Either way, users are at risk.”

Bitdefender blocks the malicious URLs and advises users to keep their antivirus solution updated. This will stop infections by prompting users before accessing infected websites or downloading malicious programs. An adware removal tool helps users get rid of adware already installed on their systems.

This article is based on the technical information provided courtesy of Bitdefender Online Threats Researcher Marius DOROFTEI.

All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners.

About the author

Alexandra GHEORGHE

Alexandra started writing about IT at the dawn of the decade - when an iPad was an eye-injury patch, we were minus Google+ and we all had Jobs. She has since wielded her background in PR and marketing communications to translate binary code to colorful stories that have been known to wear out readers' mouse scrolls. Alexandra is also a social media enthusiast who 'likes' only what she likes and LOLs only when she laughs out loud.

2 Comments

Click here to post a comment

Leave a Reply to Kevin Cancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

  • Too Funny!

    This happened to me

    This is how I got Antivirus 2009 on my Windows XP machine back then!

    Don’t click the box folks!

  • I have Ubuntu, and here's what it said.

    ———————-
    Dear customer,

    A serious malfunction has been detected with Ubuntu null and your Firefox 48.0. Please call the toll-free number below for a Microsoft-Certified technician to help you resolve the issue.
    ———————-

    From that point on I knew I was dealing with someone who was legit.