According to Julian Sobrier, a security researcher with ZScaler Research, fake anti-virus sites are a very common way to trick people into installing malware on their computers. Another technique is to repackage popular software with adware or malware, and offer them for download.
AVG, he said, is a popular anti-virus vendor that offers a free version of it's product but, rather than getting money by bundling this free spammer with pay-per-install adware, scammers have created websites to sell (free) AVG.
Fake site names used for this scam, he says, include:
- hxxp://www.avg-free-download.org/
- http://www.avg-free.us/
- hxxp://free-avg-download.com/
“The three fake sites redirect the users to a payment form. The first page gathers names and e-mail addresses. Even if the user decides not to pay, the scammer can still spam the user, or resell their e-mail address”, he says, adding that they route to hxxps://secure.signup-processor.com/.
The West Coast US researcher goes on to say that users are not being asked to pay for the software, but are instead being asked to pay a monthly maintenance fee.
“As always, users should make sure they download their software from the official site. AVG flagged these three sites, but Google Safe Browsing and Internet Explorer did not. Of course, people looking for Free AVG clearly don't have AVG installed yet”, he noted in his latest security posting.