14 DAY TRIAL // Vietnamese security vendor Bkis warns that scareware distributors are distributing rogue links on question and answer portals that lead to fake Yahoo! Answers sites.
The links point to a .tk domian that contains the words yahoo and answers in its name and are part of messages reading "anyway, I think this will help you http://answers-yahoo-z.tk" or "you might find the answer here [link]."
Clicking on the links opens a page looking like the Yahoo Answers website with a button reading "download answer," which serves as an executable file.
According to the Bkis researchers who analyzed the attack, the exe file is the installer for a fake antivirus program from the Security Shield family.
Also known as scareware or rogueware, these fake antivirus programs scare users into believing their computers are infected with malware by displaying fake alerts.
Trying to clean the alleged infections using these rogue applications will usually result in an error claiming the professional version that needs a license key is required.
People who fall for this type of scam not only spend their money on an otherwise useless program, but also compromise their credit card details in the process.
Some of the rogue messages spamming this particular link have been spotted on the real Yahoo! Answers website, but other Q&A sites have also been targeted according to Bkis.
Scareware remains one of the most common threats on the Internet at the moment. According to recent reports, 2010 was the busiest year for scareware creators, accounting for 40% of all such application even produced.
Scareware also has a significant impact on cybercrime in general. Because it is one of the most financially successful cyber criminal enterprises, it is constantly used as a method for funding other illegal activities.
Users are advised to be cautious when dealing with answers that contain links. Running an up to date antivirus program is critically important to staying protected from such threats.