Scareware – Page 9 – Paul's Tech Talk

Updated list of scareware Sites 7/24/09

PaulJuly 24, 2009

As you have read in my Previous post:

[intlink id=”4002″ type=”post”]More Fake Antivirus Sites Pop up[/intlink]

[intlink id=”3990″ type=”post”]Don’t Take it Personal, It’s just Fake Antivirus[/intlink]

[intlink id=”3964″ type=”post”]More Personal Antivirus Fake or Scareware sites[/intlink]

I figured we would update those list with some more that came out yesterday or Wednesday. I will probably be keeping this up. This will help people find out domains that should be avoided.

So here are a few that I’ve found:

personalfolderscanv2.com

onlineantispywarescanv6.com

onlinevirusscanv9.com

privatevirusscannerv2.com

Windowssecurityinfo.com

All those are [intlink id=”3607″ type=”post”]Personal Antivirus scareware sites[/intlink] that try to convince you that you have a virus and tries to get you to buy a registered copy of this fake Antivirus which does nothing. They make money by not doing anything. These sites might also try to get you to install the fake software which in reality is a Trojan, Virus, Or just Malware all together. You should never install software from sites you don’t know anything about.

Threat to System :Moderate

[rating:4/5]

Advice : Do a Complete system scan and make sure you don’t have any more hidden malware.

I recommend :

[ad#SUPERAntiSpyware]

Computer Security : How you get infected with Malware?

PaulJuly 22, 2009

I have had several people how they get infected in the past few weeks and I have scoured the internet to try to come up with some answers. There are several ways to get infected and we will discuss them all here. In case someone wants to get a better idea on how to avoid these commons ways of infections

What is an Exploit?

This by nature is the first thing we need to discuss because exploits are most common with Malware due to the fact that they like to use them to gain control over an Application or computer.

An Exploit is a piece of software, a chunk of data, or sequence of commands that take advantage of a bug, glitch or vulnerability in order to cause unintended or unanticipated behavior to occur on computer software, hardware, or something electronic (usually computerized). This frequently includes such things as violently gaining control of a computer system or allowing privilege escalation or a denial of service attack.

[Via Wikipedia]

Now it can come from several vectors that I know of and it doesn’t just have to be one but has to have several different programs running to happen. You see malware authors like to write code to crash your system in a way. Just like a Remote Code Execution, when they run the code it does something to the computer to make it install software without the users knowledge or permission. When Remote Code execution happens it is most commonly used to take control over a computer process where the program is located in memory or on the hard drive.

Opening a PDF

As you explore the internet you may come across sites with PDF’s that are there to hide there true nature. Just like the H1N1 Virus that is epidemic in the US, Malware authors are using PDF to run a number of possible exploits on people computer. There are a number of exploits that can be used in PDF and even examples for those who want to understand it even more. It however means you should turn off auto-load PDFs in your browser. Any browser will auto load PDFS without having to open a new session it will load in your browser without as much of a warning.

Fake files name

I don’t know what else to call this but you get an email with what looks like it is a picture but that isn’t always true. For example you would get a email from a friend and it says it is a document and may look like documentname.doc.exe which will also use an ICON that looks like a document and may fool you. See the Hidden File extensions that need to be fixed in Windows 7 for examples of what I mean.

Fake Codecs

Codecs are a necessity to view videos but most often are not real. [intlink id=”2991″ type=”post”]Fake Codecs[/intlink] are a way to get you to install malware when you actually think it is a codec. Install fake codecs can lead to trojans, virus, or even key loggers. I’ve talked abut this from time to time but figure it would be good to remind people about this.

Installing Fake Antivirus Software

Sometimes you may get to a [intlink id=”3964″ type=”post”]site that may look like it is a real antivirus[/intlink] but it in reality is a [intlink id=”3713″ type=”post”]scam and will scare[/intlink] you into buying there product. Sometimes the [intlink id=”3114″ type=”post”]Scareware will say you are infected and send you a file to run to help protect you,[/intlink] if that ever happens don’t run it. You should never run programs from sites that you have never heard of. Always go to trusted vendors first or at least Google for the product name before you install any questionable software.

Website tries to use web Browser exploits

Just like WebAttacker uses scripts to try to exploit several different known exploits in IE and other such Browsers. This is the most common way to get virus or trojans to be install into a computer. That is why I will always recommend getting away from IE and running Firefox or some other low profile web browser

Windows Up to Date

It is very important to keep you Windows System up to date. That said you got to understand that if you don’t keep your system up to date there will always be an increasing possibility of getting an infection. Due to the fake that malware authors right after Patch Tuesday will know exactly how to exploit a system that hasn’t updated there windows system to current. Install Service packs and other patches is the one way to keep malware authors at bay.

In one of my next posts I will recommend software to use to help prevent some of this or even how to disable some of the most common exploits. If you like this post please feel free and tell you friends so they may also learn more about Computer Security.

[ad#SUPERAntiSpyware]

Don’t take it personal, It’s just a Fake Antivirus

PaulJuly 21, 2009

So We come back to a few more examples of Personal Antivirus Scareware sites:

So I say don’t take it personal because you probably have those scareware pop ups saying you have a virus. If that is the case paying these fake Antivirus gangs money will not protect your computer. Here are a list of Sites that are Rogue Antivirus:

antivirusonlinescanv9.com ([intlink id=”3607″ type=”post”]Personal Antivirus scareware[/intlink])

checkyoupconlinev2.com ([intlink id=”3607″ type=”post”]Personal Antivirus scareware[/intlink])

2009antivirpro.com ([intlink id=”3805″ type=”post”]Antivirus System Pro Scareware[/intlink])

avremover-pro.com ([intlink id=”3805″ type=”post”]Antivirus System Pro Scareware[/intlink])

aviremover-2009.com ([intlink id=”3805″ type=”post”]Antivirus System Pro Scareware[/intlink])

antivir-prof.com ([intlink id=”3805″ type=”post”]Antivirus System Pro Scareware[/intlink])

antiaware-pro.com ([intlink id=”3805″ type=”post”]Antivirus System Pro Scareware[/intlink])

I call these sites Scareware because there is usually some warning or popup saying you have a virus or a trojan, or even saying something like system alert. You will usually see something like a shield or eve times when the Rogue Antivirus will load up there fake page. Be sure to check out some of my [intlink id=”2205″ type=”page”]Antivirus[/intlink] Suggestions and decide for yourself.

Remember these fake sites only thrive when you let them.

It is Recommended : [ad#SUPERAntiSpyware]

More Personal Antivirus Fake or Scareware Sites

PaulJuly 19, 2009

As I am Looking through some sites I find out about:

As you know [intlink id=”3607″ type=”post”]Personal Antivirus is Scareware[/intlink] and is not a real [intlink id=”2205″ type=”page”]Antivirus Software[/intlink] like the ones I have on my website. This tries to scare you into buying there fake software then does nothing to protect the user.

The Following Sites have been identified to be Associated with Personal Antivirus:

totalvirusscanc3.com

antivirusbestscanv5.com

liveantivirusinfov2.com

proantispywarescanv3.com

And All of these are ready to be used and probably will be used in the next coming weeks. If you feel you have one of these scarewares on your computer I recommend downloading SUPERAntiSpyware and remove this this scareware from you system..

RECOMMENDATION : [ad#SUPERAntiSpyware]

Remember these are online and you shouldn’t go these sites because of the possibility that they will redirect you to the a Trojan or Malware URL. You best bet is to stay clear of them.

[ad#tmi-right-1]

Fighting ‘Scareware’ One List at a time

PaulJuly 16, 2009

Techworld has published an article that describes how the AV Vendors are compiling a Whitelist of AV Vendors who are really trying to keep there users safe and not trying to ‘[intlink id=”3805″ type=”post”]Scare[/intlink]’ the user into buying a rogue look a like. They’ve published a Preliminary set of real Antivirus Softwares along with there Company:

As you can see there are at least to that are not listed. I’ve contacted [intlink id=”3884″ type=”post”]SUPERAntiSpyware[/intlink] about this and they turned right around and started to ask to be added and should be Added in the coming months. The other is [intlink id=”3851″ type=”post”]Malwarebytes[/intlink] and I am hoping they jump aboard and get in contact with this forum.

The Guys over at [intlink id=”3884″ type=”post”]SUPERAntiSpyware[/intlink] were really grateful that I came across this. This list will soon help fight the [intlink id=”3918″ type=”post”]SCAREWARE Tactics[/intlink] of the Cyber Criminals. Truth of the matter is educating oneself and doing a little bit of research can help you determine if the program or company is real or just another rogue company out there. If your looking for some good Antivirus Software check out my [intlink id=”2205″ type=”page”]Antivirus Page[/intlink] and see some of the FREE Antivirus Software out there that can help protect your system.