Just in time for the Halloween season comes a warning from Microsoft about a new piece of so-called “scareware” targeting web users.
You may want to warn your users about the scam, which comes in the form of a message saying that the user’s computer is infected with a virus, along with a link to a phony piece of antivirus software as a supposed remedy.
Attacks like this are nothing new, but the threat making the rounds now is a sophisticated, browser-specific attack, Microsoft said.
When users visit a compromised web page, the virus, known as Rogue:MSIL/Zeven, identifies what browser is running.
The malware then opens a pop-up window that mimics the warning page that particular browser displays when malware is detected.
The window includes a button to clean up the alleged infections, which directs users to a web page for a legitimate-looking product called Win7 AV. But the application is really just a piece of malware.
Also, users are asked to pay money to purchase the “full” version of the program — if they do, their financial info is stolen.
