"Casher crew" from global $45m cyberheist busted in New York - 1 dead, 7 face trial
May Patch Tuesday coming up - Microsoft still not sure if latest 0-day fix will make the cut
An unholy alliance - Fake Anti-Virus, meet Bogus Support Call!
Join thousands of others, and sign up for Naked Security's newsletter
Don't show me this again
by Paul Ducklin on May 11, 2013 | 25 Comments
Filed Under: Fake anti-virus, Featured
I'm sure you're familiar with fake anti-virus scams, or scareware.
That's the stuff that pops up, usually while you're browsing, to warn you about potential security risks.
Would you like a free scan?
Of course you would, and of course there are threats: viruses, spyware, dangerous cookies, sometimes dozens of terrifying malware items that your current security software must have missed.
Would you like to clean up (recommended)?
Well, why not?
Hmm. The cleanup isn't free: you have to pay, but when you do, all the "threats" magically disappear.
Of course, there's no magic, just deceit: the software simply stops lying to you about threats, and sets a configuration setting to remind itself, "This victims's paid up, pretend they're clean."
And I'm sure you're familiar with fake support call scams.
Your phone rings, and it's a surprisingly pushy chap who claims to be "working with Microsoft," or something like it, who has spotted suspicious network activity emanating from your PC.
"Would you like to do a free check for viruses, using diagnostic software built into Windows?"
Of course you wouldn't - who on earth does this guy think he is, calling you out of the blue? - but he's not taking no for an answer, and it's free, and you've got a virus, and what if you get sued for infecting other people, and...
So you reluctantly do the diagnostic test, and of course there's a diabolical virus that your current security software must have missed.
"Would you like to clean up?"
You do? That'll be $275 please. But, look! That terrible virus has gone!
In both cases, you've been offered advice you weren't seeking, from sources you didn't know, that used scare tactics to trick you into paying money for absolutely nothing. Deceit, extortion, fraud.
But it's not all plain sailing for the scammers.
The problem with the cold callers is that, by and large, they're hideously rude bully-boys who sound just as dodgy as they are.
Click. Down goes the phone.
And the problem with scareware popups is that people are getting wise (or at least inured) to their fanciful lies.
Click. Away with the warning dialog.
So it was amusing to have my attention drawn, thanks to Naked Security reader Alain Roy, to a scareware campaign that deliberately, if rather haplessly, tries to fuse these two approaches.
Don't waste your time calling 10,000 people until you find one who is scared enough that you can intimidate them into paying up!
Pre-select your victims by getting them to call you:
(Windows must be more pervasive and perspicacious at finding scareware than I thought - that's Safari on OS X!)
Then you get the traditional bogus security scan you're used to from scareware:
And there's even the legalistic smoke-and-mirrors like the cold callers use. (You'll notice that they hardly ever actually say outright that they work for Microsoft - it's always with Microsoft, or in Windows support, as though that somehow mitigates the arrant dishonesty of everything else they tell you.)
Well, now you know.
The scareware dialog is "not to be taken literally," and has been "modified in multiple ways."
Of course, on the real fake site, the disarmingly accurate Terms and Conditions appear in about 6-point black letters on a dark blue background, and the main way the "story" has been "modified" is to remove all vestiges of truth...
...but it nevertheless brought a wry smile to my weekend.