Phoney Anti-Spyware Software Lures Unsuspecting Users
By Gregg Keizer Courtesy of TechWeb News
A scam that's spoofing Microsoft's Windows Security Center shows that phishers are increasingly abandoning the traditional e-mail ploy of telling consumers their bank accounts are at risk, a security expert said Tuesday. Like the most dangerous and devious phishing attacks, this one is based on a Web site. Users enticed here face a fake portrayal of Microsoft's Windows Security Center.
The bogus site displays such factual information as the user's IP address, the browser being used, operating system, and country of origin. Along with that, however, the page claims that an attacker "has gained access to your computer and is collecting the information about the sites you've visited and the files contained in the folder 'My Documents.'" A pop-up also alleges that the PC has been infected with a rogue .dll -- a piece of spyware dubbed "W32.Sinnaka.a" -- that's collecting private data.
(Moderator edit: quoted material reduced to comply with fair use provisions in US copywrite law. jgweed)
Edited by jgweed, 17 September 2005 - 10:11 AM.