According to Sophos’ Chet Wisniewski, a senior security advisor with the firm, this new scam features a near-flawless copy of the real Microsoft Update website, with one major exception: the page only appears when accessing it via the Firefox web browser, whereas the Microsoft Update page requires the use of the company’s Internet Explorer.
In his latest security blog, Wisniewski warns that the people behind such fake anti-virus scams are refining their products, as they continue to take on a more professional and accurate appearance.
Apparently potential targets of this scam are being alerted via a pop-up warning when directed to web pages via poisoned search results. When accessing the infected page using Firefox, the pop-up tells users they need to install an urgent update. But, as Wisniewski warned, “you should only trust security alerts in your browser if you initiated a check with Microsoft, Adobe, Sophos, or any other vendor for updates to their software.”
Meanwhile, Wisniewski’s colleague at Sophos – senior technologist Graham Cluley – said that people need to exercise extreme caution when presented with pop-up security alerts.
“Fake anti-virus attacks are big business for cybercriminals and they are investing time and effort into making them as convincing as possible”, he commented. "Malicious hackers are using smart social engineering tricks more and more often, and the risk is that users will be scared by a phony warning into handing over money to fix problems that never existed in the first place."