Posts tagged as:

Social-Engineering

Fake Antivirus adds “Support”

by certifiedbug on February 15, 2010

in Scareware Rogues

Rogue security programs usually pop up a screen informing users that their PC is infected with malware. The user, understandably alarmed by the nonstop pop-ups which suddenly appear on their frozen screen, will often click to make a purchase and download the “fake” software which claims it will remove the infection. In a nutshell that “is” the infection and a lucrative business for criminals.

According to researchers at Symantec the authors of Live PC Care have taken things to the next level. The free trial version of Live PC Care includes a yellow online support button. Clicking on that button connects the potential victim with so-called “support agents” who will answer questions about the product via instant message.

Fake AV & Talking With The Enemy

http://certifiedbug.com/blog/category/scareware-rogues/

{ 0 comments }

MSN Featured Offers, Spam from Canadian Pharmacy

by certifiedbug on November 8, 2008

in Internet Security

This week I have seen a resurgence of the “MSN Featured Offers” scam, this time from Canadian Pharmacy, pushing Viagra and other pharmaceuticals.

Previous Certifiedbug alerts:
Infector Spam ‘Free Update Windows XP,Vista’
Fake IE7 email Spam
Spam posing as MSN Featured Offers

Domain Name: xhtnnfx.cn
Created: 2008-10-28
Expires: 2009-10-28
Whois Server: whois.cnnic.net.cn
IP Location: Latvia – Latvia – Vdhost Ltd

Domain Name: progressconsider.com
ICANN Registrar: 35 TECHNOLOGY CO., LTD
Created: 2008-11-05
Expires: 2009-11-05
Updated: 2008-11-05
Domain servers in listed order:
srv1.reachfarm.com
srv2.reachfarm.com
ZHANGJIE
JIANSHELU263
TS,HB,CN 063002

hxxx://ler.rightachievement.com
Canadian Pharmacy

hxxx://myx.poseindependence.com
Canadian Pharmacy

hxxx://xkx.rightachievement.com/
Canadian Pharmacy

Those are just an example, the links will change frequently.

Fake pharmaceuticals on-line, buyer beware

{ Comments on this entry are closed }

Fake IE7 email Spam

August 8, 2008

Spam spoofing my own email address as from admin at microsoft.com. It is fake and not from Microsoft.
Don’t click on “Download the latest version!” which links to the infecter, ‘update.exe’, and no fireworks will occur.
Internet Explorer 7
Download the latest version!
About this mailing:
You are receiving this e-mail because you subscribed to MSN Featured Offers. Microsoft [...]

Read the full article →

Spam posing as MSN Featured Offers

July 16, 2008

This old turkey keeps coming in the mailbox. Hidden under “Click here” is an .exe which will infect your computer.
Angelina Jolie’s Free Video.
Click Here!
About this mailing:
You are receiving this e-mail because you subscribed to MSN Featured Offers. Microsoft respects your privacy. If you do not wish to receive this MSN Featured Offers e-mail, please click [...]

Read the full article →

Storm Worm readying for another attack

May 4, 2008

Despite the article at computerword.com April 22, 2008 reporting that Microsoft’s Malicious Software Removal Tool (MSRT) had made Storm pretty insignificant, the botnets appear to be preparing for another attack, which may target around Mother’s Day.
According to UploadMalware.com’s Malware Blog, one of their researchers has found indications of a new storm worm variant moving [...]

Read the full article →