iTnews

Webroot warns of fake Windows update scam

By Staff Writers on Mar 12, 2010 11:50AM
Webroot warns of fake Windows update scam

Convincing dialogue box likely to snare victims.

Security firm Webroot is warning internet users to be on the lookout for a malware attack masquerading as an official Windows update.

The attack appears to relate to a number of out-of-band patches recently released by Microsoft.

"The spy, which serves as nothing more than a vehicle for a fake product called Antimalware Defender, so closely resembles a Windows Update installation dialogue that some members of our threat research team had to pause and look carefully at the dialogue box before deciding that it is, in fact, a big fat hoax," said Webroot threat researcher Andrew Brandt in a blog post.

Brandt warned that falling for the scam could mean users being coerced into handing over money to deal with a 'virus problem' that does not exist.

"While the fake anti-virus detections it 'reports' are pretty believable, the help file created by the goofballs behind this spy is truly a masterwork of idiocy. The file has helpful links back to Microsoft's own Windows Defender privacy policy, and other nuggets of gold."

Brandt added that computer owners used to dealing with Microsoft updates should find the fake easy to spot.

"Identifying the file is not all that hard if you're accustomed to using Task Manager or Process Explorer to watch what's running on your PC," he said.

"Unlike a real Windows Update session, these fake updates appear as a DLL running from the temp folder with the words 'start worker' in the command line. Once you kill this process, you can empty your temp folder and be done with this nuisance."

IT managers may consider warning less experienced workers to be aware of the risk.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk
Tags:
fake of scam security update warns webroot windows
In Partnership With
By Staff Writers
Mar 12 2010
11:50AM
0 Comments

Related Articles

  • Two charged over $500,000 BEC scam
  • Microsoft boosts bug bounties for sign-on services
  • Fraudsters targeting NSW govt IT suppliers
  • Patch out for exploited Internet Explorer zero-day
Share on Twitter Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

CBA slammed by RBA for stalling New Payments Platform

CBA slammed by RBA for stalling New Payments Platform

TPG 'contemplates' future of sub-$60 NBN plans

TPG 'contemplates' future of sub-$60 NBN plans

Inside Infosys' complex Centrelink payments calculator overhaul

Inside Infosys' complex Centrelink payments calculator overhaul

NBN Co challenges Australia's $60 broadband 'sweet spot'

NBN Co challenges Australia's $60 broadband 'sweet spot'

You must be a registered member of iTnews to post a comment.
Log In | Register

Whitepapers from our sponsors

Are you getting profitable outcomes from your IT?
Are you getting profitable outcomes from your IT?
Your Microsoft Security journey starts here
Your Microsoft Security journey starts here
Is your AWS framework well-architected?
Is your AWS framework well-architected?
Why you should  reassess your cybersecurity posture
Why you should reassess your cybersecurity posture
How will you manage the cloud data deluge?
How will you manage the cloud data deluge?

Events

  • Gartner Data & Analytics Summit
  • 3rd Intelligent Automation Sydney Summit
  • 2nd Data Governance & Management Summit Melbourne
  • Technology Risk Management Summit 2020
  • 7th University IT Service Strategy & Challenges
All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions.