outrageous scam site!!!

[miriam_e]

Today I accidentally happened across this scam site that seems to intercept google searches somehow (I was trying to find out what would dissolve a particular epoxy resin called Araldite here in Australia). Google came up with a lot of results, including this fake site called
onlinesecurescannerv3.com

At first it came up with an annoying pop-up telling me that my computer is infected and would I like to do an online scan. I cancelled, but it pretended to do a scan anyway and came up with the utterly amazing screen which I've put behind this lj-cut tag:


How astonishing is the level of work that has gone into that! I had no idea the scammers had gotten so sophisticated now. The window looks just like a standard Microsoft Windows file view. The red warnings of numbers of trojans in "Shared Documents" and the two hard drives blink to attract attention, the green fake scanning line grew to the right, and the blue window could be moved around just like a real window. Just one problem... I'm using Linux and my system looks nothing like this. Even when I used to use MSWindows I always used a different color scheme from the standard.

When I dragged the fake "Windows Security Alert" window to the side the site tried to send me an installable file. If I'd been using Microsoft InternetExplorer on Microsoft Windows this might not have even notified me (I'm not sure if they fixed that security hole yet) before installing it. Even if I saved the file to my machine on Linux I doubt it would have run. I don't use Wine because of just such risks (Wine lets Linux fool programs into thinking they are in a MSWindows machine thus allowing them to run).

Once installed on the machine I shudder to think what such a program could do. Horrifying.

I wonder how many people are sucked in by such assholes. I hope the cops come down on these scum-sucking bastards. Warn as many people as possible of the dangers of such sites. The only real safety here is knowledge.

Comments

Re: fake scanner

[greylock.livejournal.com]

I was amazed to see how many files were modified 8/9/09 around 1:30 in the morning.

Windows update, perhaps? If you have that set to automatic (or the registry is taking a snapshot. I shouldn't worry too much. My machine has modified 161 files in the last five hours.

If you couldn't find the file doing what I suggested then you can relax a little. There are ways to hide files effectively from Windows but I haven't come across a virus or trojan that used any of them so far.

Files like the one you think you have tend to rely on user intervention to activate them (even if they do try a drive-by download).

If you're still worried, I'd back some stuff up,update McAffe's definitions and see if someone tech savvy and come around and have a look before you reboot but it seems to suggest you're clear for the moment.

Re: fake scanner

[(Anonymous)]

Thanks for that info. I will rest a little easier with that information. Someone told me I should go to superantispyware.com and download the free home version. They said it would find anything on the computer. I should think my McAfee should do that, but she insisted that this program cleaned up her computer and had it running better. Have you any knowledge of this program/site? Thanks again (Lunchtime in Carolina)
Candy:)

Re: fake scanner

[greylock.livejournal.com]

I haven't heard of it, and with a name like Superantispyware I'm suspicious.

If you want a free AV program you could try Avira (www.avira.com) or Avast! (www.avast.com/eng/avast_4_home.html).

Avira has the benefit, I think, of being able to run off a boot CD but that will only help if you have an access to another machine to create a clean boot CD.

Either way, it's recommended you uninstall McAffe because AV programs sometimes do not play nice with each other.

Re: fake scanner

[(Anonymous)]

LOL you're clever. I don't know if I'll make it through the 21st century but I'm giving it all I've got! I don't know what a clean boot CD is. tee hee hee. I'm not much fun am I? I don't think I saved that evil program because I remember a window popping up and asking me if I trusted the site. You know the one. So I think I opted out at that point because I didn't trust the site.

I have enjoyed this livejournal site. I may join it.

Re: fake scanner

[miriam-e.livejournal.com]

Many Linux distributions have boot CDs available. You put the CD in the drive, restart the computer, it boots from the CD instead of the hard drive, and you can use it to rescue or tinker with an infected system, without having to install it on the computer.

When I used to use MSWindows I had the bad experience of getting my machine infected once by a program that used Windows itself to protect it from deletion. The only way I could delete the damn thing was to reboot on a bootable floppy disk. These days it would be much easier, because I could boot the Windows machine on a Puppy CD, get rid of the infection, take the Puppy CD out, and reboot the machine as normal in Windows, minus the infection.

These days I use Linux so am quite a bit safer (until Linux becomes popular enough for the predators to want to feed on us). The particular Linux variant I use most of the time is Puppy Linux (http://www.puppylinux.com). While many Linuxes have bootable CDs available, Puppy is always distributed as a bootable CD. You can install this on your computer's hard drive (as I have on most of my machines) or you can simply use it from CD (as I do with the computer I use to connect to the net -- nothing can tamper with the operating system if it is sitting on CD).

This boot-CD quality of Puppy is one of the reasons I like it, but the main two reasons I prefer it are that it is tiny compared to most modern operating systems (less than 100MB), runs much faster than most modern operating systems (mainly because it isn't as bloated as others), and is very easy to use (it superficially resembles Windows98).

The size and speed issues are very important to me because I don't upgrade my machines the way other people do. Many of my machines are quite old, slow, and have little memory. Puppy makes them usable, where other operating systems would make them laughable. However Puppy's speed and size are still assets even on fast machines with oodles of RAM and giant hard drives; it lets them move like greased lightning and gives you far more room for other things.

Re: fake scanner

[(Anonymous)]

Thanks for that info, Miriam. And I can't thank you enough for posting the fake scam. I experienced only minutes after you posted it and when I googled it, your posting was the ONLY one that came up. GREYLOCK was online and did his best to help me. I can't thank you both enough for the time and effort you went to to help a complete stranger. I guess there are some good guys on the net! :) Candy

Re: fake scanner

[miriam-e.livejournal.com]

:) No worries. I'm really happy it was some help.

One of the things I love about Live Journal is the number of really helpful and good people here, both individually and in its communities. That is pretty-much true of most places on the net though. Most forums are helpful places, full of great people. You will always meet a small number of rotten people, but I find the internet is made up of mostly good folk.

This means really good things for the future.

Incidentally, to check out an example of some of the cool people and communities on LiveJournal, see my latest friends' postings.
http://miriam-e.livejournal.com/friends/
Some are individuals and some are communities. Each member can make their own list of friends. LiveJournal is waaayyy better than MySpace -- quicker to load, easier to use, and you have a choice of whether advertisements show on your pages. LiveJournal is free unless you decide to pay for it. I am a free member, though whenever I have income I pay for membership, by my own choice. I like to support such a cool environment.