This type of infection is nothing new. You unknowingly get infected with a rogue anti-virus/anti-spyware lookalike application. These applications pop up all kinds of warning boxes that LOOK like real anti-virus warnings, enticing you to visit their web site to pay for the software needed to clean the virus off your computer, using your credit card, of course. These types of infections can be particularly troublesome to remove.
Well, a new one is out in the wild, and it is unusually genuine-looking. It is commonly referred to as Win32/FakePAV, and it imitates Microsoft's own "Security Essentials" anti-virus software. Once your machine is infected, a series of warning boxes will appear on your screen that look a lot like the boxes Microsoft's own software displays. The fake software then informs you about one or more (false) infections and instructs you to click a link to purchase and download a rogue scanner. That scanner is, of course, nothing more than additional malicious software.
But it says "Microsoft"...
The most troubling thing about this particular rogue app is that it looks so much like genuine Microsoft software that many users may be easily fooled into believing it's really from Microsoft.
"It LOOKS like Microsoft, and we can ALWAYS trust Microsoft, right? And Microsoft tells me this is how to fix my computer, so I guess it's safe to download this"
And that's EXACTLY what the malicious developers of this app are counting on: the general public thinking that it looks just like Microsoft, so it must be safe. Remember, very few, if ANY, legitimate security programs will run a scan and then display a dialog box telling you to visit their site and pay some amount of money to purchase software to remove the threats. First, the software you end up downloading does nothing more than further infect your machine. Then, of course, you have the problem of your credit card details being in the possession of some unknown company.
Best ways to avoid it
- Keep your anti-virus software up to date
- Keep Windows current using Windows Update
- Avoid purchasing anything from websites that look suspicious. If it looks too good to be true, it probably is
- Only use your credit card on web sites you trust
- Anti-virus software will never scan your computer and ask you to pay for a utility to get rid of an infection
- Stay familiar with the brand of anti-virus software that you have installed on your computer. If you receive an alert from an anti-virus program you have never heard of before, it is most likely a rogue lookalike infection