Fake antivirus softwares plague internet

Once a machine is compromised, the Trojan displays a fake infection alert to entice the users to buy a "security tool" – fake antivirus software in order to get rid of the infection. (AFP)

Fake antivirus software peddlers are infecting legitimate websites with malicious javascript that take users to malicious websites from where 'fakeav' variants are served to infect machines, said TrendLabs.

Criminals are using a "defer" attribute, which enables the malicious JS_AGENT.AOEQ to delay its execution to avoid detection, so users will not suspect that their systems have already been compromised.

Once a machine is compromised, the Trojan displays a fake infection alert to entice the users to buy a "security tool" – fake antivirus software in order to get rid of the infection.

Unsuspecting users then part with their financial/credit card detail to the criminals, which is the criminals ultimate goal.

"Criminals today are constantly developing new malware and tactics to scare internet users to buy fake products and part with their personal and financial data," said Nick Black, Technical Manager, Trend Micro Mediterranean Middle East and Africa.

"Across the Middle East we are increasingly dependence on the web and that raises our vulnerability," said Black.

Regular scanning of machines is very important in detecting threats. Trend Micro has recommended the some tips:

- As traditional antivirus software do not block legitimate sites even when compromised, users are advised to use security suites that use web reputation technology to block access to malicious sites.

- Website administrators should regularly scan their sites to ensure they are not inadvertently hosting any malware.

- Users should keep their guards up when surfing the web. Always hover over a link to see if it looks legitimate. If the URL looks obscure it could be a redirect. It is safer to err on the side of caution.

- Users can run a free scan using tools such as HouseCall to confirm if they have been infected.

HouseCall is an application for checking whether your computer has been infected by viruses.

 

Keep up with the latest business news from the region with the Emirates Business 24|7 daily newsletter. To subscribe to the newsletter, please click here.

 

Print Email