As mentioned in the summary, victims are often tricked into installing rogue security software by a fraudulent security warning message. These fraudulent messages often indicate that there is a virus infection on the victim's computer or that software is out of date. The following are several examples of fraudulent warning messages. Examples of legitimate warning messages are also provided to illustrate the similarities.
Firefox Security Warning 1
Figure 1 is an example of a fake security warning message designed to resemble a Mozilla Firefox update page. Figure 2 is an actual Firefox update page. Note the similarities between the two pages. One differentiator is the Adobe Flash security warning. While Mozilla and Adobe could decide to partner on advertising software updates, the Adobe warning indicates that the browser is up to date even though the message above it is asking the user to download the latest and greatest version. Minor discrepancies and typographical errors can be indicators that something is amiss. The more noticeable differentiator in this example is the URL. The URL for the legitimate message points to www.mozilla.com. The URL for the rogue security warning, although blurred out for security reasons, would not point to the Mozilla website.
Figure 1: Fraudulent Firefox Update Webpage
Figure 2: Legitimate Firefox Update Webpage
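The URL comparison described above can be done mechanically by checking the host the browser will actually contact rather than looking for the vendor's name somewhere in the address. The following is an added example, not part of the original article: the trusted-domain list, the function name and the sample URLs are constructed for illustration, and only www.mozilla.com comes from the text.

```javascript
// Added example: does a URL's host really belong to the expected vendor domain?
// TRUSTED_DOMAINS is an assumption built from the one domain the article names.
const TRUSTED_DOMAINS = ["mozilla.com"];

function isTrustedUpdateUrl(rawUrl, trusted = TRUSTED_DOMAINS) {
  let url;
  try {
    url = new URL(rawUrl); // WHATWG parser, the same rules browsers apply
  } catch {
    return false; // input that does not parse is never trusted
  }
  // Only ordinary web schemes; rejects javascript:, data:, file: and similar.
  if (url.protocol !== "http:" && url.protocol !== "https:") return false;

  // hostname is already lowercased and IDN labels are punycode-encoded,
  // so look-alike Unicode letters cannot compare equal to ASCII ones.
  const host = url.hostname.replace(/\.$/, ""); // drop a trailing root dot

  // Match the domain itself or a true subdomain. The leading "." matters:
  // without it "firefox-mozilla.com" would pass a plain endsWith check.
  return trusted.some((d) => host === d || host.endsWith("." + d));
}

// Constructed sample URLs showing common look-alike patterns.
const SAMPLES = [
  "https://www.mozilla.com/firefox/",                 // legitimate host
  "https://www.mozilla.com.updates.example/firefox/", // vendor name as a subdomain label
  "https://www.mozilla.com@updates.example/firefox/", // vendor name in the userinfo part
  "https://firefox-mozilla.com/update",               // vendor name embedded in another domain
  "https://www.m\u043ezilla.com/firefox/",            // Cyrillic "o" homograph
  "https://updates.example/?ref=www.mozilla.com",     // vendor name only in the query string
];

function classifySamples(urls = SAMPLES) {
  return urls.map((u) => ({ url: u, trusted: isTrustedUpdateUrl(u) }));
}

for (const { url, trusted } of classifySamples()) {
  console.log(`${trusted ? "trusted  " : "untrusted"}  ${url}`);
}
```

A matching host shows only where the page was served from; it does not replace the other checks described in this article.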
Firefox Security Warning 2
Figure 3 is an example of a fake security warning designed to impersonate a legitimate security alerting function in the Mozilla Firefox browser. Figure 4 is an example of an actual Firefox security alert. In this example, the fake message appears to be scanning the user's computer and detecting virus infections. This should serve as an indicator that the message is fraudulent since browsers don't typically scan for viruses in this fashion. However, it is important to note that the fraudulent security warning could have been crafted to appear virtually identical to the legitimate message. In this case, regardless of whether the message is fraudulent or legitimate, your best option is to avoid clicking on any of the provided options and simply close the browser tab or window.