Fake Firefox warnings lead to scareware, Sophos reports
May 2011 by Sophos
IT security and control firm Sophos is warning people to be vigilant, following the discovery of an advanced ’scareware’ campaign that presents users of Firefox with fake warnings that are designed to scare them into believing their computer is infected.
Mozilla Firefox users may see a genuine-looking ’Firefox security alert’, which displays a convincing system scan, including a progress bar and the names of malware supposedly found in files on the victim’s machine - all lending to the credibility of the attack as a way to frighten computer users into parting with cash to clean up non-existent malware infections.
Scareware, or fake anti-virus attacks, prey on IT security fears and fool users into believing their computer has a problem when it does not. Typically, scareware is planted on websites in the form of pop-up advertisements or disguised downloads. There have also been occasions when hackers have spammed out scareware, or links to it, using traditional social engineering tricks to fool users into clicking on the attachment or link.
“Taking advantage of detailed information about the person’s computer and software allows for a much more specific, believable social engineering attempt,” said Chester Wisniewski, senior security advisor at Sophos. “We are likely to continue to see these criminals targeting each operating system, browser and any other details that can be gleaned from HTTP requests sent from our devices.”