Rogue Testimonials from Rogue Anti-virus

Filed Under: Malware, SophosLabs

The same breed of characters that brought you rogue customer service are adding to their con-artist repertoire with rogue product testimonials for their FakeAV. These obviously bogus "True life stories" are just another detail in the social engineering effort to convince victims of their product's legitimacy.

The actual descriptions are oddly perverse. For example:

Steve J. of New York had his software project stolen through a troyan that got into his computer through some internet site. Steve is still suffering from a strong depression...

and

Thomas S. lost his family over his passion for teen sex sites. His wife turned the computer on and some Teen Sex ad popped up. Next day she left and took both of their kids with her...

Now I'm definitely thinking "I've gotta have this software."

So what happens when you click the "Free Download" button? You actually get redirected to a fraudulent payment processing site where you can purchase the software rather than download it. What's more -- the payment site is fully equipped with a genuine SSL certificate from a legitimate certificate authority.

The site uses a domain-validated SSL certificate. Such certificates can often be issued with little more than an email address, so they provide absolutely no assurance that the service behind the domain is legitimate. But to see that the certificate is only domain-validated, you have to manually examine the certificate details and look at the full Subject field contents.
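The manual Subject check described above can be scripted. The following is an added example, not code from the original post: it classifies a certificate as DV, OV or EV from its Subject, in the layout Python's `ssl.getpeercert()` returns. The function names, the sample subjects and the heuristic itself (no organizationName, or an OU that states domain-control validation, means DV) are assumptions of this example.

```python
import socket
import ssl

# Subject attributes that only Extended Validation certificates carry
# (CA/Browser Forum EV Guidelines).
EV_ATTRS = {"businessCategory", "jurisdictionCountryName", "serialNumber"}


def flatten_subject(subject):
    """Turn getpeercert()['subject'] (a tuple of RDNs) into {name: [values]}."""
    fields = {}
    for rdn in subject:
        for name, value in rdn:
            fields.setdefault(name, []).append(value)
    return fields


def validation_level(subject):
    """Heuristic (assumption of this example): DV, OV or EV from the Subject alone."""
    fields = flatten_subject(subject)
    ous = [v.lower() for v in fields.get("organizationalUnitName", [])]
    # Some CAs state the validation type outright in an OU value.
    if any("domain control validated" in ou for ou in ous):
        return "DV"
    # No vetted organisation name: only control of the domain was checked.
    if "organizationName" not in fields:
        return "DV"
    return "EV" if EV_ATTRS.issubset(fields) else "OV"


def fetch_subject(host, port=443, timeout=5):
    """Fetch the Subject of a live server's certificate (needs network access)."""
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert()["subject"]


# Constructed sample subjects in the getpeercert() layout; not real certificates.
DV_SUBJECT = ((("organizationalUnitName", "Domain Control Validated"),),
              (("commonName", "pay.example.test"),))
OV_SUBJECT = ((("countryName", "GB"),), (("organizationName", "Example Ltd"),),
              (("commonName", "www.example.test"),))
EV_SUBJECT = ((("businessCategory", "Private Organization"),),
              (("jurisdictionCountryName", "GB"),), (("serialNumber", "00000000"),),
              (("organizationName", "Example Ltd"),), (("commonName", "www.example.test"),))

if __name__ == "__main__":
    for label, subj in (("DV", DV_SUBJECT), ("OV", OV_SUBJECT), ("EV", EV_SUBJECT)):
        print(label, "->", validation_level(subj))
```

A "DV" result for a page that asks for card details means the padlock only proves who controls the domain name, not who operates the business behind it.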

Purchasing digital certificates from legitimate CAs is another angle on malicious malware campaigns.
