So apparently some of the oh so ‘intelligent’ Malware community have decided to target Skype users with a.. laughable.. IM type attack (You know, the type of thing you see on Yahoo! IM now and then). Why do I say its laughable? Well, according to the place I learned about it (ZDNet – link at the bottom), the target user is contacted with an IM saying that their computer is infected, visit blah blah.com to get a free scan – that should be a pretty big tip off to anyone with a partial cranial insert right? Well, apparently it isn’t that hard to trick computer users – in some of their defense, they have no way of determining that Skype is for IM’s / Voice chat.. not for inspecting your system for bad stuff (Though some application of brainpower might help).
According to the ZDNet article, the IM directs users to a page which does a fake scan and pops up a dialog box with fake found results. Clicking anywhere in the box directs you to a checkout page of a shopping cart for a $19.95 ’security patch’… I almost feel sorry for those caught by this type of thing.. almost but not quite.
Heres a dose of common sense people: If an instant message says that you are infected.. ignore it and report (as spam or whatever) the sender immediately. Do NOT click on any links, go to any referenced sites, or download anything. If in doubt, use a real scanner solution (AVG Anti-Virus, Microsoft OneCare, etc) to scan your computer.
The best defense is a good sense of when not to click.
Source: http://blogs.zdnet.com/security/?p=670
Related Link(s): A list of known Rogue Anti-Spyware at SpywareWarrior.com
Note: All opinions on the intelligence of the average human in this article are mine and mine alone. I reserve the right to judge people for their stupidity, and assume that the same will be done for me.