« Another Slight Variation on 419 ScamsCool Dinnerware Always Doomed »

Jerks And Their "Malware Scanners"


  01:21:59 am, by Nimble   , 543 words  
Categories: Thoughts, Ethics, Internet

Jerks And Their "Malware Scanners"

We show no referrers to the world, but we still get referral spam, i.e. something pretends to have visited your site through someone else's clicks. Referrals used to be a fun way to show who was visiting you. Spammers have crapped all over that feature.

I went to ban a number of them that have come recently from blogggest.com, which doesn't even seem to have decent cover as a free hosting site, never mind anything for bloggers. I accidentally launched the site in question instead (probably blinded by my rage over discontinued dinnerware patterns) and got treated to the loveliest set of lies I think I've seen on a web site in a while.

If you feel like being lied to and clicking for minutes on end cancelling popups, go to scanner.malwarealarm.com/5/scan.php. These assholes pretend to run a scan on your system, though the browser actually gives them no right to run a real one, and pretend that you have an infection. You'll get a screen like this:

Fake scanner warning

Note of course the plea to let the site install software:

Online Security Scanner requires ActiveX controls to repair your computer.
To continue, click the [shield] icon at the top of the page, and then click ‘Install ActiveX Control’.
If you don’t see the icon at the top of the page, click here.

If you click Install ActiveX Control at this point, I will personally not bother to come over to your residence and slap you, because it won't be worth it.

Next, it will protest in the strongest possible terms that you have viruses on your machine... which you don't... or, if you do, do yourself a favor and go elsewhere for your virus-removal needs.

Virus? Me?

If you choose Ignore, well, you obviously wanted to download some software, right?


The comedy continues when you cancel the file download and hit [X] on the fake 'Security Update' dialog.

Don't close me!

Alright, at this point you can close the page. Well, hopefully.

If you go to the main page, you get treated to what seems like a random pick of fake scan animations. My absolute favourite has got to be the scary "stolen personal information" page of scanner.malwarealarm.com/9/scan.php...

Stolen personal information!

If you didn't know that your browser regularly gives out what kind it is and even OS, so that the web server can give content specialized to your browser, or that every web request gives out an IP address and that you can use geolocation to find out where the IP address is coming from (to your provider, usually), and that you still shouldn't worry about it, this is your wake-up call :)

This is one of those cases where even if there were legitimate software on the other end of the line, they're being dirty, rotten netizens presenting lies about your system as truth. "Well, your system might have spyware" will not do as an excuse, given that they specifically name viruses that you are unlikely to have - and that they do not actually know you have - just to scare you into getting by your browser's defenses onto your system.

I know this all is obvious to the Net-savvy, but then... this isn't targetting the Net-savvy, is it? Savvy?



Comment from: Adam [Member]  

I was fiddling with this the other day too; the results look very funny when using an OSX system as they’ve been hardcoded to be “right” for a Windows box.

07/22/07 @ 09:23
Comment from: Nimble [Member]  

Perhaps the next generation of malware security…

…is just to have randomized themes for every single deployed instance of the OS? ;)

It would certainly keep web from being able to imitate look-and-feel illicitly.

07/22/07 @ 18:02