The security team at Microsoft recently published a particularly scary report about a new breed of malware that disguises itself by imitating Microsoft Security Essentials. Take it as another reminder that you have to be cautious about clicking on things onscreen!
The malware announces itself by displaying a screen like the one above – which is a phony copy of MSE, not a real warning, although there is no easy way to tell that by looking. When you click a button on the above window, you’re led through a series of windows that closely resemble real MSE screens, including a fake scan, until you’re presented with a “Scan Online” button.
If you click the “Scan Online” button, you’ll go through another phony scan, then see a list of programs that can “clean” your system. The ones you can click on, with buttons that say “Free Install,” are the fakes that will install additional malware.
If you’re lucky, all that will happen is that your computer will be disabled and you’ll see incessant demands for your credit card info. If you’re not lucky, your computer will be killed, or your computer will be scoured for personal information to send to the bad guys – passwords, credit card numbers, whatever.
By copying the real Microsoft Security Essentials screens so closely, the bad guys have raised the ante, making it even more difficult to know what’s real and what’s not. The real Microsoft Security Essentials has been updated to prevent this malware from being installed in the first place, but remember that you can still defeat any security program if you click on an OK button and invite a bad program onto your computer. You are still at risk if you are lured to a poisoned web site, or click unwisely on a popup window, or let your computer get behind on Java or Flash updates. Your common sense and paranoia are your first line of defense.
I’ve had too many malware-infested computers to work on in the last few weeks. Please review the Rules For Safe Computing and be careful out there!