14 DAY TRIAL // Another day, another scam spotted in the wild. This time, it's a pay-by-phone attack, as the Sunbelt officials named it, because it attempts to steal people's money by phone. Remember that rogue antispyware attacks? Today's scam is pretty similar and let me explain why. First of all, the rogue antispyware infections informed the users that their computers got infected with some sort of virus and a certain application must be bought for disinfection.
Well, this new infection is somehow similar. It states that some security tools got expired and a new software update is recommended. The only difference is that the exploit is conducted by phone, as the victim is asked to call a phone number and enter a certain PIN that will probably charge him and transfer the money to the attackers.
"Error: Browser Security and Antiadware Software component license exprited! Surfing PORN, ADULT and some other kind of sites you like without this software is dangerow and threatens with infection of your computer by harmful viruses, adware, spyware, etc... You strongly need to update your software to avoid infection and losting information from your computer. Please complete procedure of software update", the first screen displayed to the potential victim states.
Alex Eckelberry, of security company Sunbelt, wrote that the entire exploitation is based on a website which apparently serves phone number for multiple countries including UK, France and the US. "Apparently, this is a payment processor that's now being used for malware, whether they know it or not", he wrote on the company's blog.
There's not much to do to avoid such an exploit, but extra-care is always recommended. In addition, you should install the latest virus definitions for your antivirus solution and avoid visiting malicious websites that might attempt to launch the scam.