Virus alert: malware mimicking Windows Updates

Security experts are warning against malware that's dressed up as Microsoft Updates.

According to security firm Sophos, criminals are looking for
increasingly believable ways to persuade consumers to download fake
antivirus and mimicking Microsoft's own security is their latest wheeze.

“We are seeing the criminals behind fake antivirus continuing to
customise their social engineering attacks to be more believable to
users and presumably more successful,” said Chester Wisniewski on the Sophos blog.

“This week they've started to imitate Microsoft Update.”

According to Sophos, the drive-by page is an exact replica of the
real Microsoft Update page, but only appears on Firefox, which is a
giveaway that something is wrong.

“It only comes up when surfing from Firefox on Windows,” said
Wisniewski. “The real Microsoft Update requires Internet Explorer.”

According to Sophos, the attacks are becoming increasingly complex
and targeted and users need to start thinking about communications from
software providers with the same level of suspicion previously reserved
for fake bank emails.

“They use high quality graphics and are using information from
UserAgent strings that are sent by the browser to customise your malware
experience,” Wisniewski said.

“Just like visiting your bank, you should only trust security alerts
in your browser if you initiated a check with Microsoft, Adobe, or any
other vendor for updates to their software.”

This article originally appeared at pcpro.co.uk

http://www.pcauthority.com.au/News/260158,virus-alert-malware-mimicking-windows-updates.aspx