Looking to save a few bucks on software will almost always lead users down a dangerous path. Users either end up at “OEM Software” sites offering unlicensed and illegal software, or to downloading cracks or keygens laced with malware.
One of the big issues here is that these sites are quite easy to find. Google searches for “cheap” or “discount” software reveal it’s very easy to come across these sites. Searches for all kinds of popular software from MS Office, to Adobe CS will bring up dangerous results.
Even searches like ‘Microsoft Windows 7’, which should be filled with Microsoft related sites and articles, instead include fraudulent OEM sites in the top results. Today, the eSoft Threat Prevention Team is warning users to be especially wary of unreleased software. A major target of these scams is Adobe, who recently released their Creative Suite 5 (CS5) software. However, searches for CS7, a product not yet announced and two versions premature, result in a solid wall of bogus search results leading to scams and malware.
Aside from poisoning search results, the criminal enterprises behind these scams are increasingly using Spam to increase their reach. The criminal rings associated with these sites also control infected machines capable of sending millions of Spam messages per day, making it very easy to draw users to these sites. Spam messages are sent offering “instant” downloads and huge savings, only leading the user to a full blown fraud operation.
Take the example of the site below, keygenguru.com. The keygen download on this page is malware that attempts to call home and download more malicious software. The other links on this page lead the user right back to the same OEM software scams.