What's this?

Irregularly posted tips, gleaned from all over the internet, for beginning and medium-level computer and technology users. Feel free to subscribe to get these by email if you wish (below, right). Or, come to this site anytime. We update it about twice a month with new tips and links.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Saturday, July 16, 2011

LONG but Important: Bad Guys Strike Again!



Watch out for a rise in fake desktop utility malware. These “bad guys” are fake Windows recovery tools and are making the rounds through “drive-by downloads.”

Drive-by downloads may happen when visiting a website, viewing an e-mail message or by clicking on a deceptive pop-up window in the mistaken belief that, for instance, an error report from the computer itself is being acknowledged, or that an innocuous advertisement pop-up is being dismissed.

This new variant employs some new tactics, such as disabling the Task Manager, hiding user programs and files by modifying file attributes, hiding Start menu items and disabling multiple operating system features.
As seen in the past with other fake utilities, it attempts to scare the user with fake errors and tries to convince the user to buy the product in order to fix those errors. It uses a fake icon and file name to masquerade as a legitimate file as seen below:

Here are some screenshots of the fake utility in action:


It generates fake warnings:



It simulates a scan and displays fake error messages:


If the user proceeds to buy the advanced module it displays the following screen asking for credit card and personal information:



WHAT SHOULD YOU DO???


  1. Keep your antivirus up to date and RUN IT.
  2. If you think you might be infected, download and run Malwarebytes (www.malwarebytes.com) and Spybot Search and Destroy (http://www.safer-networking.org/en/index.html).
  3. NEVER offer your personal information unless YOU have initiated the order (i.e. you are initiating an order from a legitimate website.)
  4. If you think you got scammed, contact your credit card company and bank immediately.
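
If you want to look for two of the changes described above (Task Manager disabled, files hidden through their attributes), here is a read-only PowerShell check. It is an added example, not part of the original post and not taken from any security product. It assumes the block was set through the standard Windows `DisableTaskMgr` policy value and that Desktop, Documents and the Start menu are the folders worth sampling.

```powershell
# Added triage example: read-only checks, nothing is changed on the machine.

# Assumption: Task Manager was blocked through the standard DisableTaskMgr policy value.
$policyPaths = @(
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\System',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System'
)
foreach ($path in $policyPaths) {
    $value = (Get-ItemProperty -Path $path -Name DisableTaskMgr -ErrorAction SilentlyContinue).DisableTaskMgr
    if ($value -eq 1) {
        Write-Output "WARNING: Task Manager is disabled by policy at $path"
    } else {
        Write-Output "OK: no Task Manager block at $path"
    }
}

# Assumption: these three user folders are a reasonable sample to inspect.
$folders = @(
    [Environment]::GetFolderPath('Desktop'),
    [Environment]::GetFolderPath('MyDocuments'),
    [Environment]::GetFolderPath('StartMenu')
)
foreach ($folder in $folders) {
    if (-not $folder -or -not (Test-Path -LiteralPath $folder)) { continue }

    # -Force makes Get-ChildItem return hidden items as well as visible ones.
    $files = @(Get-ChildItem -LiteralPath $folder -Recurse -Force -ErrorAction SilentlyContinue |
        Where-Object { -not $_.PSIsContainer -and $_.Name -ne 'desktop.ini' })  # desktop.ini is normally hidden

    $hidden = @($files | Where-Object { ($_.Attributes -band [IO.FileAttributes]::Hidden) -ne 0 })

    Write-Output ("{0}: {1} of {2} files carry the Hidden attribute" -f $folder, $hidden.Count, $files.Count)

    # A folder where most files are hidden is unusual and matches the behaviour described in the post.
    if ($files.Count -gt 0 -and ($hidden.Count / $files.Count) -gt 0.5) {
        Write-Output "WARNING: most files in this folder are hidden"
        $hidden | Select-Object -First 5 -ExpandProperty FullName
    }
}
```

A warning from either check is a reason to run the scanners from step 2, not proof of infection by itself.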
