Showing posts with label Scareware.

New Microsoft "Scareware Blocker" Prevents Users from Tech Support Scams

Scareware is a type of malware that uses fear tactics to trick users into installing malware or disclosing private information before they realize they are being scammed. Scareware attacks are generally disguised as full-screen alerts that spoof antivirus warnings.

Scareware aka Tech Support Scam

One infamous example is the “tech support scam,” where a fake warning tells the user their device is infected with malware and that they need to call a (fake) support number or install fake anti-malware software to restore and clean up the system. Over the years, users have encountered a number of pop-ups posing as Microsoft IT support.

Recognizing the threat, Microsoft is combating the issue with its new Scareware Blocker feature in Edge, which was first announced in November last year at the Ignite conference.

Defender SmartScreen, the existing feature that protects Edge users from scams, only kicks in after a malicious site has been caught and added to its index of abusive web pages, at which point users are protected globally.

AI-powered Edge scareware blocker

The new AI-powered Edge scareware blocker by Microsoft “offers extra protection by detecting signs of scareware scams in real-time using a local machine learning model,” says Bleeping Computer.

Describing the feature, Microsoft says, “The blocker adds a new, first line of defense to help protect the users exposed to a new scam if it attempts to open a full-screen page.” It adds: “Scareware blocker uses a machine learning model that runs on the local computer.”

Once the blocker catches a scam page, it informs users and allows them to continue using the webpage if they trust the website. 

Activating Scareware Blocker

Before activating the blocker, the user needs to install the Microsoft Edge beta version. The beta installs alongside the main release of Edge, so the two versions do not interfere with each other. Users on a managed system should make sure previews have been enabled by their admin.

“After making sure you have the latest updates, you should see the scareware blocker preview listed under ‘Privacy, Search and Services,’” Microsoft says. On users reporting scam sites so the blocker keeps working, Microsoft says the reports help it “make the feature more reliable to catch the real scams.”

“Beyond just blocking individual scam outbreaks,” Microsoft adds, its Digital Crimes Unit “goes even further to target the cybercrime supply chain directly.”

Advertising SDK delivers Android scareware, victims signed up with a premium-rate ringtone

Bitdefender researchers have found that several legitimate applications containing the InMobi advertising SDK display fake alert messages. These include an older version of the legitimate "Brightest Flashlight Free" app available on Google Play.

The apps in question display a pop-up informing the user that their device is infected with malware and urging them to purchase a tool to remove it.

Users who follow the link are asked to enter their phone number to download the tool. By doing so, they are actually signed up for a premium-rate ringtone and wallpaper service that charges €3.00 per week plus taxes.

According to the researchers, the providers of the ad module are not aware that their service is being abused by cyber criminals to deliver malware. It appears the ad reached the market by accident.

If you have fallen victim to this scam, you can "unsubscribe by sending SMS to the number mentioned in the T&C section of the website" and "immediately uninstall the apps you downloaded recently".

70% of Antivirus Solutions Still Fail to Detect Fake AV

Fake antivirus (scareware), also referred to as rogue security software, is one of the most frequently encountered malware threats; it pretends to be legitimate security software.

Fake AV attempts to scare victims into believing their system is infected with malware that does not really exist. It continually displays fake virus warnings and asks victims to pay money to clean up the non-existent malware.

Recent research from Zscaler shows that more than 70% of legitimate antivirus applications fail to detect the fake AV (only 12/43 detect it). Three years ago, the detection ratio for fake AV was 6/41.

Fortunately, Google Safe Browsing and Internet Explorer (SmartScreen Filter) block the malicious page that serves the fake AV.

According to the researchers, the malware disables the firewall and any existing AV solution, disables AV updates, disables security warnings and sets itself as the default AV solution.

The malware further downloads and runs a file called 'data.exe' from a malicious domain that is blocked by Google Safe Browsing, but the executable itself is detected by only 9/46 AV engines.

Scareware hides All Files and Folders, Offers Fix for $80

A Bitdefender researcher has come across a nasty scareware that hides all files and folders on the victim's system and tricks the user into buying a fake repair tool to fix it.

"The approach of hiding some folders or files is not new in the cybercrime world, but hiding all folders and then offering a mending tool is an example of astute social engineering," the researcher said.

The malware simply hides files and folders by modifying their file attributes. Besides hiding the files, it also disables keyboard shortcuts.

Unfortunately, the user is neither able to see them as hidden nor set them as visible from Windows Explorer due to the intervention of Win32.Brontok.AP@mm, the Trojan that downloads the scareware on the compromised system.

As a true representative of its scareware “species”, Trojan.HiddenFilesFraud.A displays multiple error windows informing the user that it could not write something to system32 due to a critical hard-disk error. Confusingly, these messages appear to come from the OS itself.

Just about now, the user is supposed to be scared enough and convinced to reach for his pocket and pay $80 for the repair utility that will do absolutely nothing once purchased. The scam is done, the money is gone.
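The hidden-attribute trick above is the kind of damage an administrator can undo without paying anyone. The following PowerShell script is an added example, not code from the post or from Bitdefender: it enumerates user-data files that carry the Hidden+System attribute pair (the combination Explorer will not show even with "show hidden files" turned on) and, with `-Restore`, clears those two bits. The folder list and the allowlist of files Windows itself marks that way are assumptions for a typical profile; run it as the affected user after the malware has been removed.

```powershell
# Added example (not from the article): report and optionally clear the
# Hidden+System attribute pair on user-data files, the symptom of the
# scareware described above. Assumed folders and allowlist for a typical profile.
param(
    [string[]]$Folders = @("$env:USERPROFILE\Desktop", "$env:USERPROFILE\Documents",
                           "$env:USERPROFILE\Pictures", "$env:USERPROFILE\Downloads"),
    [switch]$Restore
)

$hiddenSystem = [int]([System.IO.FileAttributes]::Hidden -bor [System.IO.FileAttributes]::System)

# Files that Windows legitimately marks Hidden+System inside user folders (assumed list).
$allow = @('desktop.ini', 'thumbs.db')

$found = foreach ($folder in $Folders) {
    if (-not (Test-Path -LiteralPath $folder)) { continue }
    # -Force is required, otherwise Get-ChildItem skips hidden items entirely.
    Get-ChildItem -LiteralPath $folder -Recurse -Force -ErrorAction SilentlyContinue |
        Where-Object {
            (([int]$_.Attributes -band $hiddenSystem) -eq $hiddenSystem) -and
            ($allow -notcontains $_.Name.ToLowerInvariant())
        }
}

if (-not $found) {
    Write-Output "No unexpected Hidden+System items under the scanned folders."
    return
}

# Report first so the operator sees the scope before anything is changed.
$found | Select-Object FullName, Attributes, LastWriteTime | Format-Table -AutoSize

if ($Restore) {
    foreach ($item in $found) {
        # Clear only the two bits the scareware set; keep ReadOnly, Archive, etc. intact.
        $cleared = [int]$item.Attributes -band (-bnot $hiddenSystem)
        $item.Attributes = [System.IO.FileAttributes]$cleared
    }
    Write-Output ("Cleared Hidden+System on {0} item(s)." -f @($found).Count)
}
```

A large number of hits across Desktop and Documents, where Windows normally marks only desktop.ini this way, is itself a useful indicator that something has tampered with attributes rather than that the disk has failed.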