Webroot experts have analyzed a couple of such scams

May 1, 2013 19:01 GMT  ·  By

Webroot warns that it has recorded an increase in the number of Fake AV scams that leverage the name of Microsoft.

One of the attacks it has analyzed involves a fake Microsoft Security Essentials alert that pops up on a website.

As long as users ignore these alerts, they have nothing to worry about.

However, if they follow the instructions and install the applications served by the site, their computers become infected with a fake antivirus that keeps bugging them about fake threats until they pay a certain amount of money to “register” the so-called security app.

The Fake AVs disable the Windows firewall, create services and registries, and warn victims of infections each time a piece of software is executed.

To protect yourself against such attacks, remember the following things:

- Microsoft will not contact you to tell you that your computer is infected; - Always make sure you have an antivirus solution installed on your device; - Keep your software, including the operating system, permanently updated; - Use ad-blocker add-ons with your browser; - Refrain from clicking on suspicious links, or opening files attached to unsolicited emails.

When presented with such scams, it’s easy to determine the fact that the alert is not from a real antivirus because the pop-up appears in a website and not a program. In addition, the site’s name is likely some random string.

In case your device becomes infected with a Fake AV, you can try to run an antivirus software from your operating system’s Safe Mode. Manual removal is also possible, but it’s much more difficult and it could cause serious damage to the system.

Experts say that sites which serve such Fake AVs are usually not online for more than 24-48 hours. However, the short time frame can be enough to infect a large number of computers.

Photo Gallery (2 Images)

Fake AV
Fake AV
Open gallery