Malware ghouls took just a few hours to begin preying on the death of actor Patrick Swayze with a new version of a familiar phony anti-virus scam.
F-Secure’s News from the Lab blog details how one malicious site works, luring visitors to the site to buy anti-virus software that can remove alleged infections.
Unconvincingly disguised as a news report about Swayze’s death, the malicious Web site does contain strings of words that mention Swayze, his illness and death, but are not a comprehensible account of what happened.
The site also generates what appears to be a pop-up window warning: “Your system requires immediate anti virus scan!! Total Security can perform fast and free virus and malicious software scan of your computer.”
There may be hints of awkward phrasing in that warning, but this further warning has errors that should be a tip off that it is bogus: “Your computer remains infected by threats. They might lead to data loss and file structure damage, and needed to be heal as soon as possible. Return to the Total Security and download it secure to your PC.”
The malware displays a pop-up that has the appearance of a Windows system screen with warnings in red that read, “Your Computer is Infected” and “Your private data is under attack!”
Victims who roll their mouse over the image download an installer.
The pattern for this type of deception is to convince visitors to take some action that downloads an installer which persistently displays virus warnings to the point that their desktops are no longer accessible.