Combatting Scareware

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

Although I don't current work in IT support or security I have just been having a conversation with one of our techs about the rise in scareware.

We don't currently have a policy of education or combating this recent threat. What are you guys doing to educate users? They are now the weakest link in IT security.

My dad was almost tricked into buying one of the bogus Antivirus software which popped up when he was on a genealogy website. Fortunately he checked with me before he paid any money, although the nag-ware it downloaded was a bugger to get rid of.

Thanks

 

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

I don't see any different ducation needed specifically for scareware. How many users, when they see a scareware application advertised, are going to rush out and buy it for their work computers? I'd suggest none.

And they can waste money on what they want to at home if their daft enough.

 

I think that educating users against specific threats is wrong, instead effort should be taken to ensure they protect themselves correctly such as not running as an admin, using Firefox with noscript and adblock+, windows and AV kwpt upto date etc.

 

Haven't they always been?

 

When I was in charge of doing so, I simply told new users to report anything strange (including stuff like this) to the help desk. That covered pretty much anything malware-related.

 

Help Needed.

By conincedence my colleage has spoken to me this morning about her home laptop and is complaining that as of yesterday keeps being told by "Norton" that she has a virus and it wants to charge her to remove the problem. It is not really Norton but the fake splash screen that comes with this sort of Malware.

I have identified that she has fallen into the Scareware trap. I want to help her remove the Malware, this one is called Windows Enterprise and at first glance is running an executable file in the processes screen entitled WE66e1.exe. I am aware that these are often mutating file names so this could just be a random title.

Is their a bootable Anti-virus I can create or do a reg edit to correct this problem. At the very least get full control back to correct the problem.

Any help appriciated.

 

Hi

I would download the free version of Anti-Malwarebytes from here:

http://www.malwarebytes.org/

I find it a great tool and it has yet to fail to remove any infestation that I have encountered so far.

 

Cheers Nelix

I have done some more research and found this interesting article for anyone else having this problem.