Sophos, the IT security and data protection firm, has released a new warning regarding a fake anti-virus attack. The specialty of this is that it masquerades as Microsoft's security update and tricks the user into installing malicious software.
According to Sophos, criminals are looking for increasingly convincible ways to persuade consumers to download fake antivirus and copying Microsoft's own security seems to be their latest trap.
"We are seeing the criminals behind fake antivirus continuing to customise their social engineering attacks to be more believable to users and presumably more successful," said Chester Wisniewski on the Sophos blog.
"This week they've started to imitate Microsoft Update." According to Sophos, the drive-by page is an exact replica of the real Microsoft Update page, but only appears on Firefox.
"It only comes up when surfing from Firefox on Windows," said Wisniewski. "The real Microsoft Update requires Internet Explorer."
The use of high quality graphics and professional interfaces means more users are likely to fall for the scam, says Sophos.
"Users need to be more vigilant than ever before, as bogus security alerts pop-up in their browsers," says Graham Cluley, senior technology consultant at Sophos.
Just like visiting one's bank one should only trust security alerts in the browser if one initiated a check with Microsoft, Adobe, Sophos or any other vendor for updates to their software.
Fake anti-virus attacks are big business for cybercriminals and they are investing time and effort into making them as convincing as possible, Graham Cluley says.
"We are seeing the criminals behind fake antivirus continuing to customise their social engineering attacks to be more believable to users and presumably more successful," said Chester Wisniewski on the Sophos blog.
"This week they've started to imitate Microsoft Update." According to Sophos, the drive-by page is an exact replica of the real Microsoft Update page, but only appears on Firefox.
"It only comes up when surfing from Firefox on Windows," said Wisniewski. "The real Microsoft Update requires Internet Explorer."
The use of high quality graphics and professional interfaces means more users are likely to fall for the scam, says Sophos.
"Users need to be more vigilant than ever before, as bogus security alerts pop-up in their browsers," says Graham Cluley, senior technology consultant at Sophos.
Just like visiting one's bank one should only trust security alerts in the browser if one initiated a check with Microsoft, Adobe, Sophos or any other vendor for updates to their software.
Fake anti-virus attacks are big business for cybercriminals and they are investing time and effort into making them as convincing as possible, Graham Cluley says.
