« Financial Crisis as Universal Spammer Hook | Main | A Botnet By Any Other Name... »

October 12, 2008

The following chat popped up under Skype today:

Putting aside the fact that I was running Skype on a Mac, this "Update Alarm" sender (with a Registered Trademark symbol, no less) insists that there is malware running on my Windows machine, and that I should click the link to obtain the patch. Although I've blocked out the domain name in the image above, I can say that it is a credible name to the unaware recipient (the name contains the word "registry," which sounds very technical and must be feared).

(As an aside, I get very little Skype spam, probably because my ID is a little strange. Yet today, in addition to the one above, a plea from an allegedly sex-starved woman also popped up. I fear that my strange Skype ID is now hosed.)

Out of curiosity, I did a safe view of the source code of the home page of the site. The domain is supposedly registered to someone in Prague (possible, but I wouldn't wager any money on it). The home page is loaded with tons of JavaScript, including a routine that reads an external file consisting of a list of PC files that this page claims to be scanning. The scan, however, is just a loop timer that displays the file names as the list is read. No actual scanning takes place.

Next, a random number is generated with JavaScript to show how many files on a visitor's system are "infected." That's so different visitors likely get different results.

At the end of this phony baloney scan, a visitor is supposed to be sufficiently frightened to purchase the cleanup software. I don't know what this particular piece of software does, but I can guarantee that if you were to buy and install it, your PC would never be the same. And I don't mean that in a good way.

Now, this trick has been around long enough for tricksters trying to pull this off from the United States have been convicted of wrongdoing. This guy's site is hosted in the U.S., so perhaps the Federal Trade Commission will pursue the matter.

One reason that tricks like this Skype message are so effective is that we computer users—of all flavors—are suffering from a serious case of update fatigue. We're constantly bombarded by legitimate update messages for our operating systems, our browsers, our iTunes, our Java runtimes, our Acrobat readers, our antivirus programs, our Microsoft Offices...the list of automatically-updating real software is endless. By and large, we get so many of these update announcements—usually popping up when we're in a huge crunch to finish some time-critical task—that we'll click "OK" or "Install" just to get the program to STFU. And when a crook dangles the threat of a computer infection—booga-booga—most users don't know if the alert is coming from their anti-whatever software. The idiocy of a Skype message supposedly detecting a PC's malware infection does not compute for typical PC users.

What makes me the maddest about this venerable trick, is that the crooks like to make you think they're looking over your shoulder to protect you. In truth, they're feeling up your skirt or pants leg.