Purveyors of fake security software don’t let much grass grow under their feet and continually make improvements to their social engineering lures.
While most of the talk for the past month has been their move to Mac with fake Finder pop-ups that appear to scan your computer, they haven’t stopped innovating on Windows either.
Their latest scam? They detect your user-agent string from your web browser and display a fake Firefox security alert if you are using the Mozilla Firefox web browser.
Internet Explorer users get the standard „My Computer“ dialog that appears to do a system scan inside their browser window.
Taking advantage of detailed information about the person’s computer and software allows for a much more specific, believable social engineering attempt.
We are likely to continue to see these criminals targeting each operating system, browser and any other details that can be gleaned from HTTP requests sent from our devices.
If you click the „Start Protection“ button you will download the latest, greatest fake anti-virus program which will perform exactly the way you would expect a fake anti-virus program to.
It will faithfully detect fake viruses on your computer until you register it for $80 or more.
If you are a Firefox user and see a warning about viruses on your computer, you will know it is fake. Firefox does not include a virus scanner inside of it and it will only warn you about visiting malicious pages.
If you get a warning about a dangerous website from Firefox you can always play it safe… Close the browser.
by Chester Wisniewski naked Security