Security vendor Sophos is warning of a major spam campaign designed to trick users into downloading fake anti-virus software.
In a blog post, Sophos senior technology consultant Graham Cluley explained that the unsolicited emails arrive with subject lines such as “You're invited to view my photos!”, “Appointment Confirmation”, or “Your Bell e-bill is ready”.
“Opening the attached HTML file, however, redirects your web browser to a hacked web site containing a malicious iFrame [which Sophos detects as Troj/Iframe-FK],” said Cluley.
“This, in turn, loads scripts from other web sites that load a fake anti-virus attack that Sophos detects as Mal/FakeAV-EI.”
This particular fake AV often disguises itself as a bogus version of McAfee VirusScan, warned Cluley.
“So, in this attack, the hackers are using a mixture of human gullibility, poorly protected web sites, and the tried-and-trusted trick of scaring users into believing that they have security problems on their PC to con them into downloading more dangerous software or handing over their credit card details,” he wrote.
Cyber criminals are increasingly looking to scareware of this kind to trick users into parting with their cash. In a new blog post, Symantec Hosted Services noted that fake AV had even infected one of the public access internet connected PCs in an airport terminal.
Cotton seedling freezes to death as Chang'e-4 shuts down for the Moon's 14-day lunar night
Fortnite easily out-earns PUBG, Assassin's Creed Odyssey and Red Dead Redemption 2 in 2018
Meteor showers as a service will be visible for about 100 kilometres in all directions
Saturn's rings only formed in the past 100 million years, suggests analysis of Cassini space probe data
New findings contradict conventional belief that Saturn's rings were formed along with the planet about 4.5 billion years ago