Fake Antivirus Software Method of Delivery [Archive] - Glock Talk


View Full Version : Fake Antivirus Software Method of Delivery

04-29-2010, 12:37
NEW SCAM ALERT Sent to me via Lifelock.com :shocked:

Type: Fake Antivirus Software

Method of Delivery: Pop-up Windows

Primary Region Effected: All Regions (National)

Source: Scam Busters (scambusters.org) http://www.scambusters.org/fakeantivirus.html


Scam Characteristics: In one of their latest tactics, scammers are attempting to create confusion among computer users by taking advantage of the growing need for antivirus protection.

While surfing the web, you may receive a virus alert in the form of a browser pop-up window stating "Your Computer Has Been Infected!" or some variation of this message. This phony notification is intended to scare you into purchasing or downloading software that supposedly fights viruses, spyware, and malware. However, the fake software does not work and actually infects your computer with the same dangerous programs it claims to protect you from.

The fake virus pop-ups closely resemble legitimate and well-known brands by using similar logos, colors, and graphics. It is extremely important that you do not click on these fake advertisements. See below for more information on how you can reduce your risk of accidentally infecting your computer.

Note: A pop-up is a browser window that suddenly appears when you access certain websites. While most are simple advertisements, some are clever attempts to get you to download viruses and malware. A fake antivirus pop-up window may vary in appearance, but will often mimic the look of popular and well-known brands.

The following are steps you can take to help avoid becoming a victim of this scam:

1. If a virus alert pop-up appears on your screen, and you know you don't have that brand of antivirus, do not click on it, do NOT use your mouse to eliminate or scan for viruses, and do NOT use your mouse to close the window. Instead, hit control + alt + delete to view a list of programs currently running. Delete the offending alert from the list of running programs.

2. Download antivirus from trusted sources only. If you are unsure, LifeLock encourages you to research antivirus programs to help ensure their legitimacy.

3. Do NOT click on any pop-ups that advertise antivirus or anti-spyware software, even if it appears to be from a well-known brand such as Norton, Grisoft AVG, and McAfee. Scammers often try to closely resemble a trusted source.

4. If you do not currently have antivirus protection for your PC, LifeLock recommends protecting your PC with the award-winning Norton 360. Take advantage of a special members-only discount by visiting http://norton.lifelock.com/360.

PLEASE NOTE: LifeLock will never call you to ask for personal information. We may call to notify you of an alert and ask you to authenticate yourself by confirming your date of birth or the last four digits of your Social Security number, for example. For your protection, if we need to collect information, we will always ask you to contact us at 1-800-LifeLock (1-800-543-3562) or provide your information via your 'myLifeLock' account management page on www.lifelock.com.

View our Privacy Policy at www.lifelock.com/privacy
View our Terms and Conditions at www.lifelock.com/terms

If you wish to change your email preferences, please visit www.lifelock.com/subscribe.

Copyright 2009. LifeLock. All Rights Reserved.

This email was sent to cardenhm@yahoo.com. You can instantly unsubscribe from these emails by clicking here.

"No people will tamely surrender their liberties, nor can any be easily subdued, when knowledge is diffused and virtue is preserved. On the contrary, when people are universally ignorant, and debauched in their manners, they will sink under their own weight without the aid of foreign invaders." - Samuel Adams

04-29-2010, 15:19
A point of clarification, this isn't a new scam.

But this is something people need to be aware of. Most malware now spreads via social engineering tactics. Instead of finding a vulnerability in the operating system malware writers are targeting the weakest point in every security scheme, people.

If you see a window appear that claims you have a virus and you're not sure if your anti-virus program is bringing it up or now there is a quick method of checking, close your web browser. If the anti-virus notification goes away you know it wasn't your anti-virus program displaying it.

filthy infidel
04-29-2010, 15:53
Old stuff, but still effective. The lion's share of home virus calls I get are from folks getting the 'personal protection' antivirus. It fills your screen with fake warnings, prompting you to 'purchase protection'. When you pay, it just turns off the warnings. Often it will disable your mouse, keyboard, control panel......

Booting into Safe Mode and running Malwarebytes will *usually* get it.

04-29-2010, 16:59
My wife did it 2 weeks ago. It was tough to eliminate.

Still one or two bugs in the system as a result.

04-30-2010, 05:01
It comes across to me as junk mail from Lifelock trying to sell you a copy of Norton, and using scare tactics to do it.

04-30-2010, 05:10
It comes across to me as junk mail from Lifelock trying to sell you a copy of Norton, and using scare tactics to do it.

Not really... LifeLock caters to people who have either been victims of ID Theft(and are therefore very paranoid about it) or people who are just paranoid about ID theft.

The scam mentioned in the email, is real.. We've all seen it in one way or another, and ChristopherBurg explained the social engineering factor well... The ad, while it does mention they recommend Norton, it recommends getting Antivirus from only a trusted source, and to research the product.

Pretty difficult for me to find fault w/ that advice..


04-30-2010, 05:36
I'm aware the virus is real, I've been cleaning it off computers for quite a while now, and their alert is really late.

But I still see it as a marketing email to encourage you to buy Norton from Lifelock, even though Norton won't block it. But apparently that's just me.

04-30-2010, 14:35
Norton will not block it. After Norton let it on my wifes computer, it cost me $140 to get it removed, as I am not that versed in reg files.

04-30-2010, 14:51
Norton will not block it. After Norton let it on my wifes computer, it cost me $140 to get it removed, as I am not that versed in reg files.


Holy crap dude... learn to backup and restore. That's probably almost as much as the whole dang PC is worth.


04-30-2010, 16:05
Welcome to the year 2006.