Tuesday, September 13, 2005

Phoney Anti-Spyware Software Lures Unsuspecting Users

Gregg Keizer writes on TechWeb News:

A scam that's spoofing Microsoft's Windows Security Center shows that phishers are increasingly abandoning the traditional e-mail ploy of telling consumers their bank accounts are at risk, a security expert said Tuesday.

Like the most dangerous and devious phishing attacks, this one is based on a Web site. Users enticed here face a fake portrayal of Microsoft's Windows Security Center.

The bogus site displays such factual information as the user's IP address, the browser being used, operating system, and country of origin. Along with that, however, the page claims that an attacker "has gained access to your computer and is collecting the information about the sites you've visited and the files contained in the folder 'My Documents.'" A pop-up also alleges that the PC has been infected with a rogue .dll -- a piece of spyware dubbed "W32.Sinnaka.a" -- that's collecting private data.

It's all a lie, said Patrick Hinojosa, the chief technology officer of Panda Software.

There's no such online edition of Windows Security Center -- that's actually an on-disk utility in Windows XP -- nor is there any legit malware by the name of Sinnaka.a.

0 Comments:

Post a Comment

<< Home