August 22, 2008
As Leo Laporte puts it…
“It’ll even pretend to scan your computer and find infections, then offers to fix it with AntiVirus 2009. Looks very official, very legit. But it isn’t. AntiVirus 2009 is a trojan horse that will take over your computer and steal your money”
As BleepingComputer.com, they describe it as…
“a new rogue anti-spyware program from the same family as Antivirus 2008 and Doctor Antivirus . Antivirus 2009 is installed and advertised through the use of misleading web sites that attempt to make you think your computer is infected with a variety of malware. Once installed, Antivirus 2009 will scan your computer and list a variety of fake infections that can’t be removed unless you first purchase the software. These infections are fake, though, and only being shown to scare you into purchasing the software.
When Antivirus 2009 is installed, a Internet Explorer browser helper object is also installed that displays fake messages when using Internet Explorer. These messages range from a line at the top of the browser stating an infection was found to adding a box to the Google homepage stating Google detected that your computer was infected. These tactics are just two more methods where Antivirus 2009 uses false information to scare you into purchasing their software. A more detailed writeup on how the Google home page is hijacked can be found here.”
For complete instructions on how to Remove Antivirus 2009, visit the article BleepingComputer.com
July 29, 2008
Phishing scams are also a big problem. A good example is when someone sends an email that appears to be from your bank, but when you enter your information in the fake web form, the scammers steal your data.
Another definition describes it as a form of social engineering, characterised by attempts to fraudulently acquire sensitive information, such as passwords, or credit card information.
According to Symantec, these are the ways to protect yourself from Phishing attacks…
- Be wary of emails asking for confidential information—especially of a financial nature. Legitimate organizations will never request sensitive information via email.
- Don’t get pressured into providing sensitive information. Phishers like to use scare tactics, and may threaten to disable an account or delay services until you update certain information. Be sure to contact the merchant directly to confirm the authenticity of their request.
- Watch out for generic-looking requests for information. Fraudulent emails are often not personalized, while authentic emails from your bank often reference an account you have with them.
- Never submit confidential information via forms embedded within email messages.
- Never use links in an email to connect to a Web site. Instead, open a new browser window and type the URL directly into the address bar.
- Maintain effective software to combat phishing. [many anti-virus programs now] automatically detect and block fake Web sites. They may also authenticate major banking and shopping Web sites.