Phishers and scammers have developed a new tactic for separating victims from their money that involves getting them to pay for software that’s normally free, such as Mozilla Firefox or Adobe Flash.
The new scam is offering users the opportunity to download applications such as Flash, Firefox and Opera, that are free in their legitimate forms. The attackers ask only that victims then send an SMS message to a premium rate number that will cost them in the vicinity of $5.60. One of the downloads offered is a beta version of Firefox 4 that allegedly includes an anti-virus update.
The fake software downloads are being pushed by a variety of sites, many of which are in Russian, according to an analysis of the scheme by Christopher Boyd of GFI Labs. The scams are unlikely to fool sophisticated users, but a typical home user may well have a difficult time distinguishing a fake download site from a legitimate one. Although it’s unlikely that most English-speaking users are getting their browser updates from Russian-language sites.
“The SMS costs around 170r, which would be about £ 3.50 / $ 5.60. “Why
would someone bother paying SMS fees for updates to software which
should come for free”, I hear you cry,” Boyd wrote in his analysis. “Suffice to say, I have no
idea either. But I guess it works because otherwise they wouldn’t bother
putting these sites together. The ffup(dot)ru site is particularly
interesting, because it claims to have numerous versions of Firefox 4,
including one with an ‘AV update.'”
Upon clicking on the box to download the fake Firefox 4 beta with the spurious AV update, Boyd got a window purporting to show the progress of a scan of his machine. At the end of that he got a dialog box asking him for the payment via SMS.
The easiest way to avoid this type of scam is to set your browsers and other important applications to alert you when new versions or security updates are available and simply download them from there.