Super Bowl 2010: and the winner is… a rogue antivirus!

Cybercriminals continue to rely on their victims' curiosity in order to trick them into imperiling their data. In the Super Bowl 2010 scheme, the malware spreading mechanism is simple and classic: when the credulous user clicks the link to an apparently legitimate Web site displayed in the search results page, the browser is automatically redirected to a Web page that infects the computer with a fake antivirus.

The behavior of the malicious program starring in this case is comparable to that of other rogue antivirus: when the user is redirected to the malware distribution Web page, the browser window automatically minimizes and a warning message is simultaneously displayed. This message notifies the user about several alleged computer infections and it points out the necessity of installing a security solution.

By clicking either the OK or the Cancel buttons of the various pop-up windows appearing on the screen, the user activates a false demonstration that unfolds in the restored browser window. This demonstration imitates an on-going scanning process that detects oodles of malware in the system, while other fake pop-up windows attempt to trick the user into downloading the malicious program posing as the antivirus.

With each so-called scan, more and more notices of false detections place the user under the pressure of registering the rogue antivirus. Once installed, it modifies or irremediably damages the content of several system files and it conveys numerous pop-ups on sham system problems and fake infections, while also persistently asking the user to buy or renew a license.

To protect and avoid compromising your system and data , follow the five security tips below:

• install and activate a reliable antimalware, firewall solution and spam filter, such as those provided by BitDefender.
• update your antimalware, firewall and spam filter as frequently as possible, with the latest virus definitions and suspicious application/file signatures.
• scan your system frequently.
• regularly - download and install the latest security updates and malicious removal tools as well as other patches or fixes released by your operating system provider.
• do not download or save files from sources you don't know; run a complete antimalware scan before opening or copying any file to your system, even if the file comes from a trusted source.