Tag Archives: Rogue Security Products

Fakealerts Invade Google Image Search Results for ’24′ Star

Posted on by

By Andrew Brandt

Add to FacebookAdd to DiggAdd to Del.icio.usAdd to StumbleuponAdd to RedditAdd to BlinklistAdd to TwitterAdd to TechnoratiAdd to FurlAdd to Newsvine

Searchers beware: Those photos of celebrities or funny cat pictures that turn up in your Google image search results might not be photos at all, but fake antivirus alerts. Evidence appears to indicate that a similar scam to one we blogged about last November may be working its way up the Google food chain into other forms of search results.

While searching for photos of Annie Wersching, an actress who recently joined the cast of the TV show 24, we stumbled into one of these javascript-enabled fakealert browser traps. Oddly enough, when you click one of these bogus linked pictures in the Image Search results frame, the original Google search frame remains at the top of the page. The fakealert runs in the lower part of the page, closing the Google search pane but retaining the Google URL in the browser’s Address Bar.

Throughout the day we’ve been looking for links such as these; Each malicious URL we found funnels the browser into the same fakealert, which itself leads to the same rogue antivirus product. Each time we revisited the site, we ended up with what was essentially the same equally nasty rogue antivirus application, sometimes in a different skin, sometimes with a different name. Early in the day we were pulling down something called Total Security. By the afternoon, the tool’s name had morphed to become Security Tool.

The rogue’s behavior on an infected system is obnoxious in the extreme. It hides the desktop by covering everything over with its own wallpaper, and blocks your ability to right-click the desktop, so it’s more difficult to revert the desktop’s appearance by changing your Display Properties settings. It also disables the scroll wheel on the mouse, then blames that behavior on a massive infection it claims has taken over your PC. It prohibits most Internet-capable applications, or even tools like the Task Manager, from running, in the guise of its “firewall” component. Of course, it’s all smoke and mirrors, an attempt to convince you to spend from $50 to $90 on completely ineffective, utterly useless former-Soviet snake oil.

Continue reading

Fakealerts Target Black Friday Online Shoppers

Posted on by

By Andrew Brandt

Add to FacebookAdd to DiggAdd to Del.icio.usAdd to StumbleuponAdd to RedditAdd to BlinklistAdd to TwitterAdd to TechnoratiAdd to Yahoo BuzzAdd to Newsvine

Now that the turkey and pumpkin pie has settled, and everyone’s gotten a good night’s sleep, shoppers are busily hustling the Web for the best deals. I’ve been doing the same thing, and wanted to share some of my tips that may help you avoid becoming snared in the most prolific cyberscam of the moment: fake virus alert messages (otherwise known as fakealerts).

For months, the perpetrators of this fraud have been honing their skills at targeting malicious web pages to rise in search results forĀ  whatever is in the popular zeitgeist-of-the-moment. Victims experience a computer that appears to be out of control, seemingly unable to do anything but download whatever application the fakealert forces upon them.

A typical "warning" from a malicious fakealert

Take a look at this video. Earlier in the week I tried searching for news about Black Friday or deals on the toy that appears to be the Tickle Me Elmo of 2009, the hard to find Zhu Zhu Pets. What I found were a flood of fakealert sites mixed in with the legitimate search results.

The good news is, it’s not hard to avoid these fakealert sites, but you have to be an alert Web surfer, and carefully scrutinize the results before you click a link. Read on for my top six tips to shop online safely this Black Friday, Cyber Monday, or anytime this holiday season.

Continue reading