Wiz Feinberg
From:
Mid-Michigan, USA
|
Posted 8 May 2007 7:41 am |
|
Anti-virus researchers have warned of an in-the-wild Trojan horse that poses as a Windows activation program to dupe users into entering credit card information in an attempt to reactivate their machines.
Once the Trojan is installed, it throws up an official-looking screen that claims the user's copy of Windows was activated by someone else. "To help reduce software piracy, please re-activate your copy of Windows now," the screen reads. "We will ask you for your billing details, but your credit card will NOT be charged." This is a ruse. The owners of this scam will take your money and steal your credit card number and other identifying information that you input.
Selecting "No" on the false activation notice shuts down the PC. Selecting "Yes" takes the user to a second screen where he or she is asked to enter her name and credit card information, which is then transmitted to the hacker's server.
You can read all about it and see screen shots on this Symantec security bulletin and read removal instructions. Keep your anti-virus product updated every single day, even if you have to run manual updates. Don't wait for automatic updates that may only be pushed out weekly.
I found this opener on a Microsoft blog:
Users should avoid suspicious emails or other attempts that request activation of their Windows environment. Microsoft does not send emails for this process and does not ask for credit card details. Windows activiation is a one-time process only required during the initial install process. The screens and HTML used in this attack are realistic.
_________________
"Wiz" Feinberg, Moderator SGF Computers Forum
Security Consultant
Twitter: @Wizcrafts
Main web pages: Wiztunes Steel Guitar website | Wiz's Security Blog | My Webmaster Services | Wiz's Security Blog |
|
