Are you a Sucker?
By Gerald Internet Anthropologist Think Tank
Just like Conficker, the Koobface botnet is no stranger to the scareware business modeland the potential for monetization of the hundreds of thousands of infected hosts.
However, changes made in the campaign structure of the Koobface botnet during the last couple of days, indicate that the Koobface gang has embedded a pop-up at each and every host that's automatically rotation different scareware brands. They're now officially monetizing the botnet using a scareware business model.
dangerWindAdr = 220.127.116.11/ popup.php loads on each and every Facebook spoof page part of the botnet and is then redirecting the most popular scareware template, the My computer Online Scan.
If you get a warning that you have malware.
Don't panic, STOP, UNPLUG THE INTERNET CONNECTION.
Ok your disconnected and safe, they can't get
anything off your machine if you disconnect it.
Gather your thoughts, and start by checking
out where the warning came from.
The bad guys are inventing new fake security
sites every day, can't keep track of all the
bad security sites, but we can keep track
of the good safe security sites.
Ok after the panic settles, and you see the warning didn't come from your security
software, and you have run a scn with your own safe security program,
plug back into the net
To check if its an approved site.
If you can determine the warning came from
a site not on this list, ignore the fake warning.
You have run your own scan from your approved security
And can check to see the warning is not from a approved
security site, don't buy the program.
If no one buys the fake security programs,
they FAIL. DON'T BE A SUCKER...
Labels: Are you a Sucker?