A friend e-mailed to say that he was hit by one of those fake anti-malware scans when surfing on newsweek.com. He sent me screen shots, some of which are below (click on the thumbnail to see the full-size screen). There's a million of these out there of course, but this one caught my attention as being especially egregious for a few reasons.
First, it's kind of outrageous that a prominent site like Newsweek can be affected by such a phenomenon, although that too is an old story. Fake advertising is a disturbingly common problem. In the Newsweek case, I was one page off the home page having clicked the "Politics" link and suddenly the browser was taken over by the fake dialog box nearby.
This and all the other screens, which are intended to resemble a local PC program, are in fact HTML coming from advancedpcscanner6.com. The domain was registered on September 3 to Prakit A Jiraporn of Bangkok.
Click OK or click Cancel, it makes no difference. In either case you are brought to a fake "scan page." The screen shot is nearby, and note: this screen shot was taken on a Mac. This Mac is full of Windows malware!
Try to escape out of the page and it will warn you that you are leaving unresolved problems on the PC. VirusTotal reports that 2 scanners, Comodo and DrWeb, out of the 41 they use, detect this threat.
没有评论:
发表评论