More from: cross site

Fake Anti-Virus

According to anti-virus authority Sophos, there is an upsurge in the fake antivirus scams. From a bulletin they made available here: http://www.sophos.com/en-us/security-news-trends/security-trends/fake-antivirus.aspx

the Fake AV is downloaded onto the user’s computer, the software will scare them into believing their system is infected with threats that do not really exist, and then push users to purchase services to clean up the non-existent threats. The Fake AV will continue to send these annoying and intrusive alerts

We have already explained the importance of turning off javascript by default — and clicking the little icon in your URL bar to enable it only for sites that you know and trust — to disable FaceBook.com scams here: http://jdnash.com/2011/03/how-to-crush-facebook-spam-scams/ , the ‘lisa moon’  cross site scripting scam here: http://jdnash.com/2011/04/lisa-moon-xss-over-1-million-web-sites-infected/, and attacks against cloud services here: http://jdnash.com/2011/04/cloud-services-breached-data-stolen-at-epsilon/. This should be corporate policy in all businesses as a matter of self defense. We realize Microsoft Internet Explorer does not make this easy but it is present: click Tools / Internet Options / Security. In the Security tab click ‘Custom Level’ and change the setting for the Internet to HIGH and click the RESET button. Change web sites you trust to “Trusted Site” status.