Rogueware Internet Security 2010 (not to be confused with PC Tools Internet Security 2010) is moving its way to the top of ThreatFire’s community stats to be one of the highest hitting FakeAv/scareware/rogueware packages for January 2010 and the beginning of Feb. Not only is its prevalence glaring, but the infection itself visually and functionally stands out:

Victims of this scam will have a hard time ignoring the screaming new message on their desktop, “YOUR SYSTEM IS INFECTED”. The familiar red X appears in the system tray in the lower right corner of the screen, and multiple phony scan images subsequently pop up.

Next up is a phony but thorough listing of all the detected malware that doesn’t really exist on the user’s system, described with a “Critical vulnerabilities found!” header and a mishmash of security industry buzzwords thrown together in a non-sensical phrase “Proactive system found several active vulnerabilities on your computer”…

And, after shocking the user with this series of blatently false warnings, coming up is the money maker, a suggestion that the user get a license or pay for Internet Security 2010:

If the user ignores the above warnings and tries to continue their work, they instead are assailed with scare-tactic messaging from the bottom right corner of the screen…”Click here to protect your computer from spyware!”…

And “System Warning! Continue working in unprotected mode is very dangerous”, another phony taunt…

Good thing that ThreatFire can keep this stuff off of your system in the first place, and Spyware Doctor+AV is known to effectively clean up previously infected systems.

This entry was posted on Wednesday, February 3rd, 2010 at 10:59 pm and is filed under FakeAlert, Rogueware, Social Engineering. You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.