Here’s how it works: an ad for a Web site pops up as a window on a user’s computer, falsely indicating the PC is infected with a “virus.” The user clicks on the ad that links to the Web site. This downloads and installs a program. Depending on your security settings or software this can even happen automatically!
Once the program is on your computer, it automatically downloads other infections and also changes some inner Windows-workings that regulate how your PC browses the Internet.
Here’s the real kicker. If after the infection is on your computer and you attempt to visit legitimate software review sites, you are redirected to fake Web sites set up to look exactly like the originals. For example, you might try to look up “antivirus” on a Web site. But instead of going to the actual site, you will go to a mirror image that will ask you to download the software: “Antivirus1,” “Antivirus 2010,” “Antivirus XP” or “Antivirus360/AV-360.”
DON’T DO IT!! These programs, as legitimate as they may look, are viruses set up to get your credit card info out of you.
Of the last 10 virus removals I performed where one of these viruses were involved, 7 people indicated they thought it was some sort of Windows Update, clicked the ad and installed the software. 6 of those people had been using computers for 5+ years.
To protect yourself keep a few things in mind:
Stick with name-brand software. If you are unsure if it is a real product, try searching for it on a name-brand brick-and-mortar store’s Web site for the name. If you don’t get an exact match of name and picture, be wary.
If your computer has directed you to a Web site that says “Antivirus 1,” “AntivirusXP,” “Antivirus 2010,” or “Antivirus 360” is an awesome product, you may have already been infected with the original redirecting program. This program is what directed you to the false Web site in the first place.
If your computer is suddenly “Blue Screening” and looking like it is rebooting, giving you a warning about some sort of unregistered program during the boot screen, you are infected. Shut off your PC and get it fixed immediately. Change PIN numbers and passwords AFTER the repair is complete if you bank/buy things online.
If you have already given your credit card number to one of those software programs above, alert your credit card company immediately.
Make sure your computer is up to date and has antivirus AND anti-spyware protection.
Be extra cautious of ”adult” Web sites.
The “Big 3” things to remember that I always make sure to tell my clients:
The goal of “scareware” is to scare you into thinking something is horribly wrong. Once you are convinced, you will probably download the bad software. This usually ends with providing financial information to a bad third-party. All the protection in the world may not help if all users of the computer don’t know that what is “popping up” is fake.
Microsoft currently does not advertise anything “non-Microsoft” to fix problems with your computer. For instance, Microsoft does not recommend via pop-up to install “Joe’s Antivirus” program because you have a problem. Currently the viruses do not use the phrase “Microsoft” in their advertising. They do use the phrase “XP” however.
Finally, if you suspect at all that anything is wrong, turn off the PC and get it looked at. Viruses cannot spread if the computer is turned off. They can spread if the computer is on and connected to broadband (even if you do not open your web browser).
If you have any questions, or think you may have been infected, give us a call or stop in to one of our local Geek Squad precinct at any Best Buy store.