Monster Halloween Gala

ClearPath Forward | 5 minutes read | Oct 23rd, 2017

Halloween is a couple weeks away, and you’ve been invited to a gala featuring one of your favorite local bands. You’re thrilled at the invitation and decide to see what the band has been up to lately. You search for the band’s web site in your favorite Internet search engine. Oh, wow! It looks like they’ve redesigned their web site since the last time you visited. And look at that – there’s a link to a video that promises to give you a preview of a new song you’ll hear at the gala, “Monster Halloween Gala.”

You click the link, and there’s a player window, but it doesn’t play. Oh, wait, there’s a note at the bottom of the player that says, “If this video doesn’t start playing, click here to download the latest player.” You click.

It’s trick-or-treat time, and you’ve just been tricked!

But you don’t know it yet, so you wait for the download, and then you get a warning, saying that your computer is infected with a virus. The popup offers to do a scan, so you take the offer – after all, the window header says “Microsoft Malicious Software Removal Tool”, and you know you can trust Microsoft. As you watch the screen, you see that you have not just one but 45 instances of malware on your poor, infected PC.

The scan window offers to show you third-party software that can remove the malware, and it even evaluates each according to how well it will do against the particular problems on your PC. One vendor stands out, and it must be good, because the scan window shows you that it is rated higher than any anti-virus vendor you’ve ever heard of before.

You really want to watch the band’s new video, but because you’re conscientious about your PC’s health and welfare, you follow the link to the top-rated solution. Fortunately, it’s not a budget breaker: $39.95 for a year’s license. The web page includes graphics that show several certifications that you’ve heard of, so you figure it must be safe. Not only that, but you can see from the extensive configuration options that after you register and pay for it, you’ll have some full-featured protection. Before the software can work its magic and remove the malware, you have to register and purchase a license, so you get out your credit card, pay the fee, enter various other information about yourself and submit it securely, using TLS 1.2 encryption. This enables the “Remove Malware” button, and after you click it, your new anti-virus software reports that it has cleaned out all infections from your PC and you’re safe. You pat yourself on the back for finding this gem, because the major brand software you’d previously installed didn’t find any of these problems, but now you’ve got the good stuff!

The only downside is that after all this, the music video still won’t play. Disappointed, you give up on the video and head to the mall to look for a costume to wear to the gala. As you climb into the car, a criminal organization on the other side of the world is bundling up your credit card data and personal information along with those of thousands of other victims, to be sold in bulk at $2 per card on one of several criminal information exchanges. Hackers hijacked your favorite band’s web site, and your PC is now hosting malware that has disabled your legitimate anti-virus software and left a bot in its place that can be controlled from far away when it’s time for the next exploit.

Fake anti-virus software accounts for about 15 percent of the malware on the web, and it’s a growth industry in which profit-oriented criminal enterprises are major players. The sophistication of their deceptions continually increases, as does the tool support available to them. For example, attackers can use special software to poison the results from popular search engines to make their sites get high relevancy ratings. Furthermore, the alleged certifications were just graphics, not legitimate live links, and the window title you read didn’t really come from Microsoft. The download wasn’t removing malicious software – just the opposite!

By the way, you did watch a video, but not the one you expected. That window that claimed to show the results of a scan of your PC was a canned video that served its purpose – luring you to buy fake anti-virus software.

Happy Halloween! The scariest Halloween monsters aren’t ringing your doorbell and calling “trick or treat” or dancing at a Halloween gala – they’re sitting at computer terminals and living off your credit cards!

Tags: Border security