All the latest UK technology news, reviews and analysis

Cyber crooks dupe victims with bogus Microsoft security alerts

01 May 2013

Webroot has detected a new wave of bogus Microsoft-themed cyber scams, looking to dupe web users with bogus security notifications.

The security firm reported detecting a number of scams targeting users with malware-laden messages masquerading as alerts from Microsoft in a blog post on Tuesday.

"Recently we have seen an increase in fake Microsoft scams, which function by tricking people into thinking that their PC is infected," wrote Webroot's Roy Tobin. He added that the cyber crooks use a variety of techniques to get the messages in front of their victims.

"There are a number of ways to figure out that this is a false alert. The first is that it's a website message and not a program; the second is that location of the website will be a random string of letters," he said.

"These websites will normally only stay active for 24-48 hours before they are pulled down. The websites' primary function is to get you to run a ‘removal tool' called ‘security cleaner'. This file is the infection and, if ran, will infect the PC and start displaying pop-ups."

The Webroot researcher said that the scams are not terribly advanced, and as long as users don't click on the malicious messages they will stay safe.

"At this stage [when the message appears], the PC is not infected so it's safe to close the browser and ignore any alerts from the website. Noting the website that displayed the message is good idea as you can notify the webmaster (if it's a legitimate website)," wrote Tobin.

Microsoft is one of many big brands used by cyber criminals to make the phishing messages look more legitimate. Last month, McAfee detected a cyber scam that used Facebook and LinkedIn to spread malware.

At the time of publishing, Microsoft had not responded to V3's request for comment on the influx of new scams using its name.

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
Alastair Stevenson

Alastair has worked as a reporter covering security and mobile issues at V3 since March 2012. Before entering the field of journalism Alastair had worked in numerous industries as both a freelance copy writer and artist.

View Alastair's Google+ profile

More on Security
What do you think?
blog comments powered by Disqus

BYOD vs CYOD vs BYOC poll

Which approach is your firm taking to managing employees' mobile devices?

Popular Threads

Powered by Disqus
Sony Xperia Z2 Tablet powered by Android KitKat 4.4

Sony Xperia Z2 Tablet video

We take a look at the lightweight, waterproof tablet

Updating your subscription status Loading

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button

Data protection: the key challenges

Deduplication is a foundational technology for efficient backup and recovery


iPad makes its mark in the enterprise

The iPad can become a supercharged unified communications endpoint, allowing users to enhance their productivity

Software Development Engineer

Develop: Customise: Configure. Maximise your technical...

MS Dynamics Solution Architect

Background Rapha creates the finest cycling clothing...

Senior PHP (JavaScript / node.js developer)

Senior PHP (JavaScript / node.js developer) Assertis...

Senior Technical IT Engineer / System Administrator / Support Analyst

EVAK Technologies Ltd is an IT Services and Consultancy...
To send to more than one email address, simply separate each address with a comma.