Fake Microsoft Patch Email Carries Malware
October 15, 2008
An e-mail is circulating that claims to be a security e-mail from Microsoft. The e-mail comes with an attached executable that is disguised as the latest security update but is actually Trojan.Backdoor.Haxdoor, and it encourages the recipient to run the attachment so they can be safe.
Fake 'Breaking News' Emails Carry Malware
August 13, 2008
Malicious emails are circulating that pretend to be breaking news alerts from CNN or MSNBC (look for other legitimate news outlets to be added in future versions). If you click on one of the 'Watch the video' links, an image will pop up.
Clicking through will install malware that hijacks your computer and makes it part of a botnet. If you get these emails (or ANY email with a news headline as the subject), delete them without opening.
Fake Antivirus 2009
July 26, 2008
A new rogue anti-spyware program called Antivirus 2009 was released this weekend that, for the most part, acts just like all the rest. It displays false results, is advertised through misleading web sites, comes bundled with malware, and requires you to purchase the software before you can remove anything.
What makes this rogue a bit different, though, is how it hijacks the Google homepage and search results by inserting an advertisement for Antivirus 2009. When Antivirus 2009 is installed, it installs an Internet Explorer browser helper object called C:\Windows\System32\winsrc.dll. This DLL loads automatically when Internet Explorer starts, and when you visit certain sites, it inserts its own content into the web pages that are retrieved. Currently the content inserted into the Google home page and search results is a misleading advertisement for Antivirus 2009. The current text of the advertisement is:
The advertisement is actually one big link that, if clicked, will bring you to a page at the hxxp://microsoft.browserprotectioncenter.com/ site that says you are infected and should purchase Antivirus 2009. The tactic used by this rogue is to trick the infected user into thinking that a well-known and highly trusted brand, like Google, is actually endorsing its products. In reality, though, this is just another scam being used to steal your money. If you are infected with Antivirus 2009, you should use the following guide to remove the malware for free. If you have already paid for the software, please contact your credit card company immediately and dispute the charges.
How to remove Antivirus 2008
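A read-only check for the browser helper object described above, as an added example that is not part of the original article: it lists every registered Internet Explorer BHO, resolves each CLSID to its DLL, and flags the winsrc.dll file name the article gives. The registry locations are the standard Windows ones and are an assumption here, not taken from the article.

```powershell
# Added example: inventory Internet Explorer Browser Helper Objects (BHOs).
# Only $SuspectName comes from the article; the registry paths are the
# standard Windows BHO and COM class locations. Nothing is modified.
$SuspectName = 'winsrc.dll'

$BhoRoots = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
)

function Get-BhoInventory {
    foreach ($root in $BhoRoots) {
        if (-not (Test-Path -LiteralPath $root)) { continue }
        # 32-bit BHOs resolve their CLSID under the WOW6432Node view.
        $classes = if ($root -like '*WOW6432Node*') {
            'HKLM:\SOFTWARE\WOW6432Node\Classes\CLSID'
        } else {
            'HKLM:\SOFTWARE\Classes\CLSID'
        }
        foreach ($key in Get-ChildItem -LiteralPath $root) {
            $clsid  = $key.PSChildName
            $server = "$classes\$clsid\InprocServer32"
            $dll    = $null
            if (Test-Path -LiteralPath $server) {
                # The unnamed (default) value of InprocServer32 is the DLL path.
                $dll = [string](Get-Item -LiteralPath $server).GetValue('')
                $dll = $dll.Trim('"')
            }
            $exists = [bool]($dll -and (Test-Path -LiteralPath $dll))
            $sig = if ($exists) {
                (Get-AuthenticodeSignature -LiteralPath $dll).Status
            } else { 'n/a' }
            [pscustomobject]@{
                Clsid          = $clsid
                Dll            = $dll
                Exists         = $exists
                Signature      = $sig
                MatchesArticle = ($dll -and
                    [IO.Path]::GetFileName($dll) -ieq $SuspectName)
            }
        }
    }
}

# Article match first, then unsigned or missing DLLs for manual review.
Get-BhoInventory |
    Sort-Object MatchesArticle, Signature -Descending |
    Format-Table -AutoSize
```

A BHO with no valid signature or a missing DLL is worth a manual look even when its file name differs, since the file name is easy for a new variant to change.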