Yet another “Fake” Antivirus lookalike detected – this time it targets Microsoft

This type of infection is nothing new. You unknowingly get infected with a rogue Anti-virus/Antispyware lookalike application. They pop-up all kinds of warning boxes that LOOK like a real anti-virus warning, enticing you to visit their web site to pay for the software needed to clean the virus off your computer, using your credit card, of course. These type of infections can be particularly troublesome to remove.

Well, a new one is out in the wild, and it is unusually genuine-looking. It is commonly referred to as Win32/FakePAV, and imitates Microsoft’s own “Security Essentials” anti-virus software. Once your machine is infected, a series of warning boxes will appear on your screen that look a lot like the same boxes Microsoft’s own software displays. It then informs you about one or more (false) infections, and instructs you to click a link to purchase and download a rogue scanner. That scanner is, of course, nothing more than more infected software.

But it says “Microsoft”…

The most troubling thing about this particular rogue app is that it looks so much like genuine Microsoft software, that many users may be easily fooled into believing it’s really from Microsoft.

“It LOOKS like Microsoft, and we can ALWAYS trust Microsoft, right? And Microsoft tells me this is how to fix my computer, so I guess it’s safe to download this”

And that’s EXACTLY what the malicious developers of this app are counting on. The general public thinking that it looks just like Microsoft, so it must be safe.

Remember, very few if ANY legitimate security software will run a scan then display a dialog box informing you to visit their site and pay some amount of money to purchase software to remove the threats. First, the software you end up downloading does nothing more than further infect your machine. Then, of course, you have the problem of your credit card being in the possession of some unknown company.

Best ways to avoid it

  • Keep your anti-virus software up to date
  • Keep Windows current using Windows Update
  • Avoid purchasing anything from websites that look suspicious. If it looks to good to be true, it probably is
  • Only use your credit card on web sites you trust
  • Anti virus software will never scan your computer and ask you to pay for a utility to get rid of an infection
  • Stay familiar with the brand of anti-virus software that you have installed on your computer. If you receive an alert from an anti-virus program you have never heard of before, it is most likely a rogue lookalike infection

3 thoughts on “Yet another “Fake” Antivirus lookalike detected – this time it targets Microsoft

  1. I cannot agree with you more! I pay top dollar for my antivirus software, because I do not want to lose any of my data nro do I want to upset my friends, family and clients by infecting them.
    In regards to using any financial or personal data on the web, if you look at the lower right hand corner of your browser, you will see a padlock. If this is open, it indicates that the website is “NOT Secure”. If it is locked or closed, the site is “secured”. I never leave my personal information on unsecured sites. It is a great way to be hacked or have your identity stolen.
    The internet is a great resource, but as with anything, learning about how to protect yourself is a wise decision.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s