The Rogue:MSIL/Zeven maleware identifies a user's browser to display a nearly perfect-looking version of the particular browser's malware warning page.
If a user clicks on the malware warning, they are taken to a legitimate-looking website offering fake anti-virus software known as Win7 AV.
If installed the malware performs a fake scan of the system, and falsely claims that a number of files on the system are infected with malware.
If users request that it clean the reported infections, it advises them that they need to pay money to purchase the full version.
But the malware offers no protection and the payments page is not secure, but merely aimed at stealing money and banking details.
Microsoft recommends nine steps to help prevent infection:
- Enable a firewall on your computer.
- Get the latest computer updates for all your installed software.
- Use up-to-date anti-virus software.
- Limit user privileges on the computer.
- Use caution when opening attachments and accepting file transfers.
- Use caution when clicking on links to webpages.
- Avoid downloading pirated software.
- Protect yourself against social engineering attacks.
- Use strong passwords.
This story was first published by Computer Weekly