Malware posing as an antivirus scanning utility is nothing new, but they usually take the guise of an unknown brand rather than one of the best known. Now, scammers have begun combining tactics and using the trusted Microsoft name to convince unsuspecting users to install their malicious code and give out personal information.
Cyber-security company F-Secure has issued a warning that a fake utility posing as Microsoft Security Essentials has begun making the rounds. Experienced computer users will likely be able to spot the imposter, but others are at risk.
It is distributed by drive-by-download attacks as hotfix.exe or mstsc.exe, and pops up as a “severe” Microsoft Security Essentials potential threat alert. The detected “threat” is listed as an Unknown Win32/Trojan.
"Not only does this fake took steal Microsoft's brand, it also features a bizarre matrix display of 32 antivirus products, offering to locate you a tool that would be capable of fixing your machine as 'Microsoft Security Essentials' can't clean the malware it found," the warning from F-Secure said. "In reality, this is all fake, and the tool has not found an infection in the fail it claims."
The counterfeit Security Essentials then recommends that users purchase and install AntiSpySafeguard, Major Defense Kit, Peak Protection, Pest Detector, and Red Cross, none of which are real antivirus utilities, to clean out the infections on their system. Scammers then would not only have malware on the user’s system, but would also have gained personal and financial information from the fake transaction.
Again, all of this is probably terribly obvious to you savvy net users out there, but most of you have family and friends who are inexperienced and could fall for such a thing. If you know anyone who fits that bill, now would be a good time to raise their awareness.
