Friday, March 27, 2009

New Tricks for an Old Dog

Rogue antispyware has been around for quite some time, and most of it does pretty much the same thing with the same goal: rip people off and make the authors a large amount of money by scamming people.

Most rogue antispyware pretty much works like this:

1. Infect PC after PC with the use of Trojans, browser security loopholes, misleading advertising and other dirty tricks.

2. Scare the hell out of the user with false security warnings, system scans, browser redirects, system tray warnings, pop-ups and other tactics until the user thinks their PC is really infected with some seriously nasty stuff.

3. Get people to buy the full version of the corrupt software in an attempt to clean the machine, all the while ripping off naive people who fall for this scam because the software is useless.

Well, as PCMag and BleepingComputer pointed out last week, the rogue antispyware tricks have gotten a little dirtier:

http://blogs.pcmag.com/securitywatch/2009/02/new_rogue_anti-malware_pushes_fake_pcmag_review.php

The rogue authors have a new trick to prevent users from removing the rogue antispyware from their systems, and it goes something like this:

When it infects a computer, the rogue antispyware makes changes to the HOSTS file that prevent users from going to legitimate security sites in an effort to remove the rogue. That part is not uncommon. So if you were trying to go to sunbeltsoftware.com to download the latest version of VIPRE to remove a rogue infection, you would be redirected to a rogue website instead.
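As an added example (not from the original post), this Python script scans HOSTS file text for entries that override security-site domains, which is the tampering described above. The watch list and the sample file contents are constructed assumptions, and the addresses are documentation-range placeholders.

```python
import ipaddress

# Assumed watch list: sites named in this post; extend with your own vendors.
WATCHED = ("sunbeltsoftware.com", "pcmag.com", "bleepingcomputer.com")

# Constructed sample HOSTS content; addresses are documentation ranges (RFC 5737).
SAMPLE_HOSTS = """\
# sample hosts file
127.0.0.1       localhost
::1             localhost
203.0.113.45    www.sunbeltsoftware.com sunbeltsoftware.com   # added by rogue
203.0.113.45    WWW.PCMAG.COM.
0.0.0.0         download.bleepingcomputer.com
198.51.100.7    intranet.example.test
not-an-ip       pcmag.com
"""

def is_watched(host):
    """True if host is a watched domain or one of its subdomains."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in WATCHED)

def find_hijacks(hosts_text):
    """Return (line_no, host, ip, verdict) for every watched-domain override."""
    findings = []
    for line_no, raw in enumerate(hosts_text.splitlines(), start=1):
        fields = raw.split("#", 1)[0].split()   # drop comments, tokenize
        if len(fields) < 2:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                             # malformed address; skip the line
        # Loopback/unspecified makes the site unreachable; any other address
        # sends the browser to a server chosen by whoever edited the file.
        verdict = "blocked" if ip.is_loopback or ip.is_unspecified else "redirected"
        for host in fields[1:]:
            if is_watched(host):
                findings.append((line_no, host.lower().rstrip("."), str(ip), verdict))
    return findings

if __name__ == "__main__":
    for line_no, host, ip, verdict in find_hijacks(SAMPLE_HOSTS):
        print(f"line {line_no}: {host} -> {ip} ({verdict})")
```

On Windows the file to check is `%SystemRoot%\System32\drivers\etc\hosts`; a clean machine has no entries for security-vendor domains, so any finding deserves a look.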

The new twist to this already horrifying process is that the rogues are now creating webpages that look very similar to, and contain almost identical content to, respectable product review websites such as PCMag.com, in an effort to trick people into believing the rogue software has been reviewed and is a really great product. They even go to the trouble of displaying product reviews that were written for legitimate software by well-known software review editors, only swapping out the software titles with the titles of the rogues in a desperate attempt to make the corrupt software seem as legit as possible.

WOW – That is confusing! Frankly, it seems like a lot of effort put into trickery that may not work so well. Actually, it’s hard to believe this would work on anybody, but it must if the rogue authors put all that effort and time into developing this hideous plan. Pure evil!

The best bet for avoiding these increasingly sneaky rogues is to keep your PC protected at all times with antivirus/antispyware software and a firewall. I guess in this situation it’s pretty safe to say you shouldn’t always believe what you read!
