ITBusinessEdge: Watch Out For New Scareware Exploit
Victims download fake antivirus software that pretends to find malware, then asks for a credit card to pay for an extended version of the software to clean out non-existent malware.
“Microsoft has issued a warning about a new malware called the MSIL/Zeven that uses scareware and social-engineering techniques to secure the credit card details of users. This malware is unique in that it detects the currently used browser before launching tailored security warning pages that are virtually indistinguishable from legitimate ones, with the “helpful” option to download the appropriate antivirus software.
A user that goes on to download the offered “Windows 7 antivirus” is essentially installing a copy of the MSIL/Zeven. The rogue software appears to be equipped with all the features inherent in antivirus scanners, such as the ability of scanning for virus, updating malware definitions and configuring various security and privacy settings. The truth is that everything is just eye candy only – none of it actually works.”