« Android Smartphone Malware Detected by F-Secure | Main | More Android Smartphone Malware Found, Removed from Marketplace »
06/13/2011
Firefox Users Not Safe from Scareware
Co-Editor
Just when you thought it was safe to surf the web with Firefox, the bad guys are at it again with a new "scareware" virus.
The news is out about a brand-new piece of malware that mimics a virus attack (sometimes called "rogue antivirus"), which then prompts you to hurry up and get the latest Windows update. But the catch is, you have to pay for it or else your PC is doomed to be destroyed (hence the "scare" tactic).
But of course, you shouldn't pay anybody anything for these scareware viruses. It's all just a scam to take your money.
We've seen plenty of scareware and rogue antivirus before, so what's different about this one? This one targets Firefox users specifically.
This is the first major red-flag. Any legitimate Windows update can only be accessed through Microsoft Internet Explorer, or run in the background of Windows: a Windows prompt will never originate from Firefox like this scareware has.
The other tricky factor, is the scareware takes you to a Windows update page that looks amazingly like a real Windows update website.
It's easy for anyone to get scared into thinking their PC is about to crash and/or become highly infected, then start clicking buttons and paying someone (whom you think is legitimately Microsoft in this case) in a hurry to save your computer.
How to protect yourself?
- First, don't panic when you see these doomsday warnings. Take a deep breath and look at the warning carefully. If the warning is completely blocking your ability to access any part of your PC, or completely interrupting all actions on your PC, it's probably scareware.
- If you click the warning button, and are taken to a new site to pay for the scareware "removal" or "update," examine the website URL carefully. The site may look very real and very legitimate (it's actually very easy to design a fake webpage of any kind). But look at the URL. Does it have "update.microsoft.com/" in there somewhere?
Be careful though, some bad guys are very tricky and will put the word "microsoft" (or some other legitimate URL) somewhere in the URL string just to make it look real. Make sure the URL says "update.microsoft.com/".
The important part is that the URL have the real address just before the first trailing slash (a real site may still have a bunch of stuff before the final ___.com/ string, but will always have the real URL before the first trailing slash). - Finally, don't give anyone your money for these scare tactics. Microsoft won't ask you for any money for a simple update if you're already using Windows OS. And if you already own antivirus software, they won't demand any money to fix your problems.
The bottom line is, Firefox users need to be just as careful as Internet Explorer users. The bad guys may not target you as often, but you're still at risk.
Be careful what you click, and make sure your antivirus software is up to date.
The comments to this entry are closed.
Comments
You can follow this conversation by subscribing to the comment feed for this post.