Windows users–Keep your head on a swivel
I thought about this long and hard. Should I post about this or not? With nearly 90% of the planet using Windows (and an even greater percentage of my friends and family), I feel like I would be neglecting my duties if I didn’t mention it. No doubt some of you have noticed, and perhaps have fallen victim to, the fake anti-virus scams on some nefarious websites floating around. I’ve personally dealt with at least two machines that had been compromised by such dubious programs. They use common social engineering tactics to trick users into thinking they have a virus (or series of them) with a legitimate-looking program that generally says something to the effect of OMG! You’re infested! (OK. Not really, but you get the drift). Not ones to ever leave things be, virus writers are always trying to find new, more effective ways to infect a victim’s computer. The scammers behind these nasty programs are not much different. The devil has been busy, as noted by Microsoft’s own tech blog entry on the very subject. If you’re a Windows user, it would behoove you to be familiar with the warning signs of these fake programs.
It used to be somewhat easy to identify a fake because the window that would appear would be in another browser’s, or operating system’s, graphical user interface (GUI). Now, however, vx (virus) writers are getting smarter and using common user agent detection to ascertain which browser you’re using and quickly render an on-the-fly window with your current browser’s interface, making detection more difficult. Perhaps a user agent switcher, available on most browsers, would help by fooling the program into thinking you’re using one browser over another and thus tricking the fake program into rendering the wrong interface. This idea has its limits. Unfortunately, there are ways to detect your true browser by the way it talks to a server, thus reducing the effectiveness of an agent switcher.
Thanks to arstechnica for the original article that spurred me into action.
- New malware detects browser, shows fake malware warning page (arstechnica.com)
- Fake Anti-Virus Launches Legit AV Uninstalls (informationweek.com)