Security vendor Sophos is warning of a major spam campaign designed to trick users into downloading fake anti-virus software.
In a blog post, Sophos senior technology consultant Graham Cluley explained that the unsolicited emails arrive with subject lines such as “You're invited to view my photos!”, “Appointment Confirmation”, or “Your Bell e-bill is ready”.
“Opening the attached HTML file, however, redirects your web browser to a hacked web site containing a malicious iFrame [which Sophos detects as Troj/Iframe-FK],” said Cluley.
“This, in turn, loads scripts from other web sites that load a fake anti-virus attack that Sophos detects as Mal/FakeAV-EI.”
This particular fake AV often disguises itself as a bogus version of McAfee VirusScan, warned Cluley.
“So, in this attack, the hackers are using a mixture of human gullibility, poorly protected web sites, and the tried-and-trusted trick of scaring users into believing that they have security problems on their PC to con them into downloading more dangerous software or handing over their credit card details,” he wrote.
Cyber criminals are increasingly looking to scareware of this kind to trick users into parting with their cash. In a new blog post, Symantec Hosted Services noted that fake AV had even infected one of the public access internet connected PCs in an airport terminal.
Double legal trouble for Musk as he also faces civil lawsuit over renewed British pot-holer 'paedo' claims
Battery development could help boost performance of smartphones
Topological photonic chips promise a more robust option for scalable quantum computers
In quantum physics both the chicken and the egg can come first, claim University of Queensland researchers
Cause-and-effect is not always straightforward in quantum physics