Video of a fake anti-virus attack

Graham Cluley
Graham Cluley
@
@[email protected]
@gcluley

Following the video I posted earlier today demonstrating how criminals have planted messages on the Spike website linking to pornographic and malicious attacks, here’s another movie.

[vimeo 2445324]

This video, made with help from Dmitry in our Vancouver labs, demonstrates something that Fraser Howard recently blogged about.

In the video you’ll see how an innocent-seeming Google search (in this case for a recipe for snickerdoodle cookies) can take you to a website that then will assault you with fake anti-virus warnings (also known as scareware or rogueware).

If you fall for the bogus alerts you might be tempted to visit the professional-looking bogus websites which pose as legitimate security vendors. These sites are increasingly professionally designed as you’ll see in the video below, and every day we encounter five such new fake vendor websites every day, with the figure rising to over 20 a day on occasions.

Sign up to our free newsletter.
Security news, advice, and tips.
[vimeo 2445425]

Of course, if you fall for the confidence trick and hand over your credit card details for a “solution” you’re playing right into the hands of the criminals.

There has been a huge growth in scareware during 2008. According to the Sophos Security Threat Report we published yesterday, the bad guys are spreading scareware not just by planting it on websites but also by actively spamming it out in emails to people. Indeed, in just one of our spam traps, we recorded an average of around 5000 such emails each day.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.