Phishing emails are a popular way for hackers to steal your information. While most PC users don’t fall for them, even tech-savvy users have been falling for a recent phishing scam.
That scam involves a security update from a payroll processing company called ADP. If you don’t use ADP, then you might not get the email. But if you do use ADP, then you’re probably used to seeing important messages from them appear in your inbox.
The fraudulent ADP message looks like this:
As you can see, it looks pretty official, which is why so many people are falling for it. The email alerts users about an anti-fraud update to their payroll system. When most people hear the words ‘fraud’, ‘payroll’, and ‘update’, they automatically think it’s an important update that they need to install (which is a natural thing to think).
Unfortunately, if you do choose to install the ‘update’ provided by the fraudulent email (which is conveniently attached to the email), then your computer will download something called Mal/FakeAV-OY, which is a fake antivirus program that will immediately take over your computer.
The Mal/FakeAV-OY virus is disguised as a file called “2013 Anti-Fraud Secure Update.zip”. So if you see that file in an email, you should certainly avoid downloading it.
The fake antivirus program is just scareware – which frightens PC users into thinking that their computer has a virus that can only be removed by paying a ridiculous sum to the fraudster. Don’t fall for these scams and avoid opening attachments in emails from unknown senders. If you can do that, then your chances of catching a virus drop to virtually 0%.
Fortunately, most antivirus programs will stop you from downloading the file as soon as it’s detected. Windows may even chime in with a security alert. If you do accidentally install the virus, then Windows Firewall should prevent it from sending data through your internet connection – but it can still be a frightening experience.
If you want to understand how fake antivirus software works, check out this video: