14 DAY TRIAL // Free porn and free security, especially designed for the Windows operating system. If such offerings sound too good to be true, that's because they actually are. Generally speaking, free pornographic content, from JPEG files to full movies, as well as free security solutions, both hosted online or desktop based, are vessels designed to deliver malicious code. Social engineering schemes rely on promises and incentives, simply too good to pass by. Unlike exploits which can be mitigated, and code vulnerabilities than can be patched, social engineering takes advantage of weaknesses in human nature. And when the fault is positioned in front of the computer, there is absolutely[AMARK=1] nothing any software developer can do.
Case in point, the webpage masquerading a Microsoft AntiSpyware Center. I have already addressed this subject at the beginning of October, but security company McAfee now delivered some additional information, the most important of which is the video fragment you will be able to access at the bottom. McAfee did what I did not - and I strongly encourage you to follow my example unless you want malware to compromise your Windows - : they actually infected the operating system with malware.
"This Fake Microsoft AntiSpyware Center page purports to be an "Online Security Scanner" which scans the system for viruses and spywares. After the dupery scanning, the user will be presented with a dubious and falsified list of Trojans after which the user will be prompted to download and install an ActiveX Control to remove the threats. The infection starts when the unsuspecting user installs the alleged ActiveX control. The trojan hijacks the Internet Explorer homepage, shows fake alerts and exaggerated security threats which instigates a user to install a trial version of AntiSpyStorm product", revealed security researcher Rahul Mohandas, McAfee's Avert Labs.
The bogus Microsoft AntiSpyware Center is hosted by a website which appears to be a search engine for pornographic materials. Maxing Search (do stay away from this domain!) offers a combination of links to free pornography on top of the AntiSpyware Center. Although this cocktail has been around for quite some time, it never seems to get old, or stop producing victims.
"After installation the product offers a free system scan for threats. The reports of this scan are exaggerated and contain false errors reported as actual threat. When the user is scared into believing these threats are real, AntiSpyStorm offers the victim to download the full version and tricks the victim into entering his credit card details", Mohandas added.