Webroot® Threat Advisory: Hackers Using Continental Flight 1404 Headlines To Scam Online News-Seekers

Rogue Applications Trick Users Into Purchasing Phony Software And Sharing Personal Information; Hacks Extend Into Other Breaking News Topics

Boulder, Colo., December 23, 2008

Webroot, a leading provider of security solutions for the consumer, enterprise and SMB markets, has detected a new string of rogue antivirus applications that use URLs related to Continental Flight 1404 and other current news to manipulate consumers into purchasing phony Internet security protection. The URLs link to a download site which triggers a series of fake infection and firewall pop-up messages, bearing the generic name “Spyware Guard 2008.”

“Cybercriminals are capitalizing on the Continental Flight 1404 incident and other news catching the nation’s attention, including NFL game results and regional holiday events, and they’re programming fraudulent Web site links to appear near the top of search engine results,” said Paul Lipman, senior vice president and general manager of Webroot’s Desktop Business. “As a result, consumers can easily click on a link that leads to deceptive messaging from a seemingly trusted source, and subsequently share personal information to purchase fake software. We encourage anyone searching for news online to be skeptical of unfamiliar URLs, and to protect themselves by having a legitimate antispyware, antivirus and firewall software in place.”

According to Webroot’s Threat Research team, many rogue antimalware applications use tactics to appear as if the product comes from a trusted security company in order to convince users into downloading and purchasing the product. Users find the Web site downloading this rogue application through a Google search further projecting an aura of trust. With this new string, users receive a series of fake “Spyware Guard 2008” messages distributed by a download site called frelatig.com.

Webroot has developed a set of recommendations for users to prevent this type of malware attack. For these tips and more information about online protection, visit http://www.webroot.com.au/En_AU/csc.html.

ABOUT WEBROOT

Webroot is committed to taking the misery out of Internet security with its suite of Webroot® SecureAnywhere offerings for consumers and businesses. Founded in 1997, privately held Webroot is headquartered in Colorado and has operations across North America, Europe and the Asia Pacific region. For more information, visit http://www.webroot.com or call 800.772.9383. Read the Webroot Threat Blog: http://blog.webroot.com. Follow Webroot on Twitter: http://twitter.com/webroot.

©2012 Webroot Inc. All rights reserved. Webroot, SecureAnywhere, and Webroot SecureAnywhere are registered trademarks of Webroot Inc. in the United States and other countries. All other trademarks are properties of their respective owners.

Copyright 2004 - 2012 Webroot Inc.