The Scenario :
You get a warning; you have a virus but you can’t get rid of the message it doesn’t matter how much you try it keeps popping up, so you give in and click to buy the software licence fix.
BAM, you’ve been had; you have just been scammed in what is seen as the biggest cybercrime in the last decade.
Fake viruses are on the rise, this is because the attacker doesn’t have to rely on your lack of security, and instead it works on your fears, this is how they work. This post points out what the fake virus scam is and what the key points of this attack are.
The Stages :
-
First you download some software from a rogue website or respond to a link in an email, which sparks the malware to be run or install on your PC. Nothing magically happens at this stage, however at some point it will change your screensaver or desktop and possibly disable your antivirus program.
-
Next, it will display a message that you have been hit by a virus and display an authentic looking antivirus screen, this will be accompanied by a scanning screen displaying that your PC is being scanned (this will look like it is happening a lot quicker than it would actually take to scan your PC…)
-
Your next prompt would be to fix the problem, you will be invited to download the full version of the scanning software, which will cost you a fee (this can be anything and we have witnessed fees of £50 – £80). If you were to proceed from this point your credit/debit card will be charged and you would have passed over to the attacker your credit card details.
-
Finally, and depending of the severity of the attack, you either will not hear from the company ever again and be left with pop-ups and malware installed or you will be asked to download “the fix” or full version of the program where you will be actually downloading further malware in the form of Trojan viruses, password skimming tools, spyware or other hacking tool.
So those are the four phases of this kind of social engineered attack, please be mindful and watch where you surf and what you click.