Man, these cybercrooks are good; clever and very quick to seize on any opportunity to relieve unsuspecting users of their hard earned cash or personal information. This most recent scam, brought to notice by Trend Micro researchers, clearly targets users’ innate attraction for bargains and ‘free’ offers.
Windows 8 naturally generates curiosity among users and Windows supporters. Its popularity – not to mention the chance to get one for free – is what makes ruses like this effective at tricking users into downloading malware.
Trend Micro researchers have identified sites which are pushing malware in the guise of free Windows 8 Activators. Unsuspecting users download the software which is actually fake and identified as HKTL_KEYGEN. According to Trend Micro, the sites offering the fake software are hosted on IPs located in Latvia or Romania, which also host sites peddling fake versions of popular mobile applications… further cementing the ‘bogus’ label.
Users who do unfortunately happen to download these “activators” will be asked to fill out a form with personal details plus send an SMS message to a specific number in order to get the activation code. Needless to say, no code will be returned, and the users have just parted with some seriously private information.
So, if you happen upon a site which is offering a free Windows 8 Activator for download, please be very careful. No matter how good the deal sounds, do not download any software unless it is coming from a known, safe source.
You can view the Trend Micro report in full here: http://blog.trendmicro.com/trendlabs-security-intelligence/free-windows-8-activator-think-again/
Very recently, one of my regular clients rang in a panic. She had just received an email, purportedly from PayPal, stating that her account was $79.00 in deficit and she needed to rectify the situation as soon as possible. Unfortunately, before she contacted me, she had already clicked on a link in the email and filled out an extensive online form disclosing all her credit card details. Fortunately, she soon realized the error she had made and contacted her bank immediately. A quick check revealed no extraneous or unidentified debits or charges and the credit card was duly cancelled… no harm done. One very lucky lady! (I have since checked the computer in question, no sign of malware)
The point of the story is this; this lady is elderly but she is definitely not dumb, in fact she is very bright. But she is ‘old school’, where the thought of an unpaid debt is abhorrent. So, in a state of high anxiety, common sense was temporarily thrown out the window and she reacted accordingly. This is exactly what the scammers are relying on…. you do not need to be silly or dumb to fall victim, and it is no refection on you personally. It merely re-enforces the excellent creed when dealing with all things internet: STOP! … THINK! … THEN ACT.