We are seeing the criminals behind fake anti-virus continuing to customize their social engineering attacks to be more believable to users and presumably more successful.
Criminals on the web are usually always sneaky in their ways, in an effort to obtain certain information on people. A lot of the time its information that can lead to wiping the user’s bank account clean and with the expansion of the web, the methods have become ever more imaginative.
Fake anti-viruses are nothing new, techies everywhere will have likely stumbled across one, once or twice and it appears that the criminals behind such deceptive programs have a new idea up their sleeves.
The page is nearly an exact replica of the real Microsoft Update page with one major exception… It only comes up when surfing from Firefox on Windows. The real Microsoft Update requires Internet Explorer.
The same site was also hosting the traditional Windows XP explorer scanner we have seen for years, as well as a new Windows 7 scanner.
Similar to spam messages that have corrected their grammar and use correct imagery and CSS, the attackers selling fake anti-virus are getting more professional.
They use high quality graphics and are using information from our UserAgent strings that are sent by the browser to customize your malware experience.
Just like visiting your bank you should only trust security alerts in your browser if you initiated a check with Microsoft, Adobe, Sophos or any other vendor for updates to their software.