Wednesday, July 29, 2009

Virus scams do not work if you aren't using Windows...


Don't use zShare. Someone hosted a file there and when I went to download the file, I got a silly little alert message in my browser that said:

"Warning!!! Your computer contains various types of vulnerabilities and threats.

Your system requires immediate anti viruses scan! Personal Antivirus can perform fast and free virus and malicious software scan of your computer."


Now, first things first. I am a Mac user. My computer cannot be infected by viruses like this. But look at the number of so-called viruses it found. 527 trojans found on my Mac's non-existent C: and D: drives. Not to mention in my My Documents and Shared Documents folders, both of which do not exist either.

Take note of the Firefox "download file" messages. All 5 of them. There were three, but two more popped up later. All downloading the same .EXE file. I should have downloaded one and put it on a guinea pig PC to see what it did. I'm very curious now.

Now obviously, this page is aimed at the poor stupid Windows user who doesn't know better. You know, your grandparents who wouldn't know what a virus is and will click anything that they are told to.

So the creators of this scam designed their page to look like an Explorer window. Note the blue XP style, implying that they assume the user will still be using XP and that they have never changed their default Luna theme.

Also note the "popup" inside the page, that says "Windows Security Alert". The one that looks like a separate XP window, but is really a page element that can be dragged around thus fooling the user into thinking it is legit because, hey, "we assume all Windows users are stupid so of course they'll fall for this!"

As I closed all the download windows and closed the tab I got a second message:

"The page at safe-online-scanner.com says:
Harmful and malicious software detected. These programs may damage your computer and steal your private information. Online Security Scanner requires Personal Antivirus components to repair your computer. Please click OK to download and install Personal Antivirus tool"


This dialog only had an OK button, but it never downloaded anything. Sadly. Nice try. Obviously trying to once more snag the user into downloading and installing, either willfully or secretly (Thanks, Windows!) their "software" so they can infect your computer even more.

This isn't the first time I've come upon a scam like this, but it is the most elaborate one I've seen. Kudos to the designer for creating a convincing scam. But jeers to the idiot who can't check the user's operating system beforehand so they can see that their scam will not work at all. No matter how hard they try.

In closing, this cheered me up. I love it when someone else's plan to harm me falls apart. But I feel bad for all the people who might have fallen for it, and this is an "ad" on a somewhat popular site! Do the site owners not screen their advertisers first? Scam, Spyware, malicious virus software, whatever, this ad crosses lines and dots i's and all sorts of stuff.

Unfortunately, the EXE it downloaded is incompatible with Darwine. So I cannot run it on my Mac just to see what it does. So I need a guinea pig. I want to get an old PC with XP, connect it to the internet, and see how long it takes to become fully infected.

Just like the good folks over at XKCD.

Viruses so far have been really disappointing on the 'disable the internet' front, and time is running out.  When Linux/Mac win in a decade or so the game will be over.

3 comments:

  1. My little sister once fell for the "click here to delete viruses" thing and our computer was fucked. I had to reinstall Windows, but that was a couple of years ago; she knows better now.

  2. I'm here because I just had the same warning pop up on my computer (at the time that I received the message, the only window I had open was a Google search results page). I agree with everything you said; however, I think you should reconsider labeling people "stupid" and "idiots" if they're taken in by such deception, especially when you noted that it's an elaborate, convincing scam, and gave kudos to the designer! (After all, you don't want people to think you're arrogant and obnoxious, do you?...) And if folks are NOT in the know, and aren't lucky enough to know someone like you to help and advise them, I hardly think that "jeers" are warranted. Honestly, I think you have it backwards: Kudos to the folks who don't fall for this slimy scam, and jeers to the sonofabitchin' designer of the "elaborate" deception.

  3. I switched from XP to Leopard and have been virus free!!!

    It's so cool not to have to worry about viruses and malware...thank you Apple.
