Experts found another rogue AV that's served on compromised sites

Mar 20, 2012 14:39 GMT

A number of popular websites have been compromised by cybercriminals and altered to redirect visitors to a rogue antivirus page that claims to be powered by Google.

GFI experts found that, like other shady antivirus applications, the Google AV also reports phony infections that allegedly expose the computer.

“Google systems have detected unusual traffic from your computer. Please check you PC on viruses. To continue, please download and install our antivirus software. [DOWNLOAD button] or our system will block your access to Google services,” reads the false warning.

Users who fear that their access to Google services may be blocked and click on the Download link are served a password-protected archive identified by GFI as Trojan.Win32.Fakeav.tri (v).

So far, only 2 out of 43 vendors detect the exe file as malicious, which is why internet users are advised to ignore any suspicious antivirus software offers, even if they claim to be powered by Google.