Security company Sophos has reported that a new fake anti-spyware software solution has been spotted
on the web, attempting to reach users' computers in order to trick them to buy the full version of the application. Just like many other similar scams in the past, the program launches fake security warnings supposed to convince the user that the full version of program is really needded. Buying the software does nothing more than stealing your money so, in case you have doubts that such a malicious tool reached your system, scan it with a legitimate antivirus product.
Getting back to today's Sophos Trojan alert, the Troj/FakeAV-M only affects Windows operating systems and display a balloon notification: "WARNING: Your computer is infected. Windows has detected spyware infection! Click this message to install the last update of Windows security software."
According to Sophos, "When first run Troj/FakeAV-M changes/sets the following registry entries to run itself on startup":
CODE
HKLMSOFTWAREMicrosoftWindowsCurrentVersionRun
We've seen lots of similar attacks in the past and it seems like it tends to become a trend to create rogue anti-spyware technologies which aim to trick people into buying the full version of the software. That's why it's quite important to stay away from suspicious websites that may attempt to drop the infection as well as to keep the antivirus/security product up-to-date with the latest virus definitions and patches.
And, as usual, ignore the emails arriving in your inbox and sent by unknown or mistrusted sources because today's hackers and spammers attempt to find new victims and vulnerable computers by sending tons of unsolicited mail to recipients from all over the world. Moreover, installing an anti-spam technology would be a great idea because it will surely bring you a bit more security for your computer.