It’s a pretty old trick: Take a rampant fear, and bet that prevailing panic will induce people drop their guard and go along with a foul scheme.
This time the fear is infection with the Conficker computer virus, and the scheme is a fairly tired one: fake security software.
In recent days, there have been multiple reports of scam artists popping up on the Internet offering to help remove the Conficker virus from the hard drives of a skittish public. They’re buying domain names, often ones that include the Conficker name (a growing list is maintained here) and putting up pages that mimic real security-software maker sites.
And they’re promoting their scams aggressively. Bogus sites are turning up in Google search results, including the paid ads on those pages. And yesterday, Microsoft warned that spammers claiming to be from Microsoft itself are sending out e-mail messages pushing fake security software. One message tells recipients they’re infected with Conficker and urges them to visit a counterfeit Microsoft Web page to have it removed free.
But nothing here is free, and nothing malicious is getting removed. These so-called rogue security programs are scams that, typically, involve false warnings that you’re infected with something awful and an offer to remove the awful thing for $39.95 or some other sum. They may bombard you with popup warnings that you can’t shake until you agree to pay the money. Of course, the “product” you’ll get is incapable of removing malicious programs, and may be malicious itself.
A lot of people get caught in these scams. Back in November, Microsoft said it was seeing a particular rogue security program in high numbers and began offering free removal. A week later, it reported that it had cleaned nearly one million copies of the program from customers’ machines.
Don’t be a victim. If you are concerned that you may have contracted Conficker, go to the real Microsoft site to get your PC scanned and have anything truly awful removed.