
Computer users warned as fake AV attack spreads

26 August 2010

Sophos urges users not to click on suspicious email attachments from unknown sources

IT security and data protection firm Sophos is warning computer users to be cautious in the wake of a widespread spam campaign designed to infect users with fake anti-virus products. If recipients open HTML files attached to the spam emails, their web browser will be directed to a hacked website containing a malicious iFrame that allows the fake anti-virus attack to be launched.

The emails that have been intercepted have a variety of different themes ranging from credit card charges to free-to-view holiday photographs.

The emails have subject lines such as:

  • Parking Permit and/or Benefit Card Order Receipt - <random number>
  • You're invited to view my photos!
  • Appointment Confirmation
  • Your Bell e-bill is ready
  • Your Vistaprint Order Is Confirmed
  • Vistaprint Canadian Tax Invoice (<random number>)

"A scam like this can be extremely successful at passing revenue directly and quickly into the hands of hackers - so we all have to be on our guard", said Graham Cluley, senior technology consultant at Sophos.

"The attacks are designed to trick people into paying to remove threats from their computer that never really existed in the first place. Once a user's computer is infected with fake anti-virus, the software will continue to bombard the user with bogus warning messages to encourage them to pay for threats to be removed or install more malicious code onto their PC. If computer users are concerned about the security of their machine, they should go directly to a legitimate IT security site, rather than put their trust in a criminal hacking gang."

Sophos detects the malicious email attachments as Troj/JSRedir-CH, and the fake anti-virus attack as Mal/FakeAV-EI.
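A mail-gateway triage check for the pattern described above (an HTML file attachment, optionally paired with one of the listed subject lines), as an added example that is not Sophos's detection logic. The redirect markers, the `triage` and `build_sample` names, the `invoice.html` filename and the `compromised.example` URL are assumptions or constructed sample data.

```python
import re
from email import message_from_bytes, policy
from email.message import EmailMessage

# Subject lines listed in the article; "<random number>" is matched as digits.
SUBJECTS = [re.compile(p, re.I) for p in (
    r"^Parking Permit and/or Benefit Card Order Receipt - \d+$",
    r"^You're invited to view my photos!$",
    r"^Appointment Confirmation$",
    r"^Your Bell e-bill is ready$",
    r"^Your Vistaprint Order Is Confirmed$",
    r"^Vistaprint Canadian Tax Invoice \(\d+\)$",
)]
# Assumed heuristic: markup that can send the browser elsewhere once the file is opened.
ACTIVE = re.compile(
    r"<script\b|<iframe\b|http-equiv\s*=\s*[\"']?refresh|location\.(href|replace)", re.I)

def triage(raw: bytes) -> dict:
    """Flag messages that carry an HTML file attachment like the ones described."""
    msg = message_from_bytes(raw, policy=policy.default)
    subject = str(msg.get("Subject", "")).strip()
    out = {"subject_match": any(p.search(subject) for p in SUBJECTS),
           "html_attachments": [], "active_html": []}
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        if part.get_content_type() != "text/html" and not name.lower().endswith((".htm", ".html")):
            continue
        out["html_attachments"].append(name)
        body = (part.get_payload(decode=True) or b"").decode("utf-8", "replace")
        if ACTIVE.search(body):
            out["active_html"].append(name)
    # Quarantine on active HTML, or on static HTML paired with a known subject line.
    out["quarantine"] = bool(out["active_html"]) or (
        out["subject_match"] and bool(out["html_attachments"]))
    return out

def build_sample(subject: str, html: str) -> bytes:
    """Constructed test message; addresses, filename and content are placeholders."""
    m = EmailMessage()
    m["Subject"], m["From"], m["To"] = subject, "sender@example.com", "user@example.com"
    m.set_content("Please see the attached file.")
    m.add_attachment(html, subtype="html", filename="invoice.html")
    return m.as_bytes()

if __name__ == "__main__":
    redirect = '<html><script>window.location.href="http://compromised.example/";</script></html>'
    print(triage(build_sample("Vistaprint Canadian Tax Invoice (48213)", redirect)))
    print(triage(build_sample("Lunch menu", "<html><body><p>Menu</p></body></html>")))
```

Subject lines change from campaign to campaign, so the attachment check is the more durable signal; the subject list only raises confidence.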

Fake anti-virus scams are usually very successful as hackers prey on human gullibility, poorly protected websites, and the tried-and-trusted trick of scaring users into believing that they have security problems on their PC. This can lead users into downloading dangerous software onto their computers and handing over their credit card details.

