Wednesday, December 14, 2005

Download Fake McAfee Patch and Become a Internet Fraud Victim

The culprits behind organized phishing attacks have no morals and will obviously use the good name of many an organization to dupe you into downloading cybernasties, (malicious software) on your system. Recently, they have used the names of the FBI, CIA, IRS and even Walmart in a variety of schemes, which are probably designed to steal personal, or financial information.

Here is their latest fraudulent scheme, which impersonates "McAfee." McAfee is a leading provider of security software for computer systems. The bottom line is, download the patch from this fraudulent site and become a internet fraud victim.

"Websense Security Labs has received reports of an email scam disguised as a patch for McAfee products. Users receive a spoofed email message instructing them to click on a link to immediately download and install a patch from McAfee. This patch claims to address a virus that does noexistit. The link in the email takes users to a fraudulent website, that appears to be the legitimate McAfee security site.

The patch hosted on this page is actually a Trojan downloader.

The malicious site is hosted in the United States and was online at the time of this alert."


For the full alert, along with screen shots: Fake McAfee Patch.

Here are some useful sites, where one can download legitimate security patches, courtesy of the SANS institute.

Windows: http://update.microsoft.com/microsoftupdate/v6/default.aspx?ln=en-us
Mac OSX: http://www.apple.com/support/downloads/and
http://www.apple.com/macosx/features/security/
More info: http://www.its.monash.edu.au/security/home/patching.html and
http://www.softwarepatch.com/

For Decembers issue of the SANS "Ouch" newsletter, which includes a summary of recent major phishing attacks, click on the title of this post.

4 comments:

Stithmeister said...

It appears your link to WSLabs is faulty. When I click on it, it takes me to Yahoo mail.

Thanks. Great post btw.

Ed Dickson said...

Thanks, I fixed the link!

viruswitch said...

Sometimes I wonder how people click or even open such emails. We need common sense online and finally education on these matters.

prying1 said...

I think it is people new to the internet that get caught most of the time. Although I did read an article on some people that can't help themselves. They get an email like this and panic. "Is it real or not?" Then they are compelled to click the link...

Anytime I meet someone new to the internet I give them fair warning and a couple hints on avoiding disaster.

Thanks for the heads up Ted. Another great post.