Hackers don't even need to post text ads on the New York Times via AdWords, they can have a virus (intalled on your computer) that launches this scary popup when the virus notices that you are visiting a trusted web site.
'Scareware' attacks are rising By Kelvin Collins| Special
Monday, November 02, 2009
Computer experts are reporting that scareware -- yet another sneaky technique used by hackers to steal personal information and spread viruses online -- is on the rise. Most recently, companies such as Google, Twitter and The New York Times were exploited by hackers as part of a massive scareware attack on consumers.
The recent scareware attacks are cropping up everywhere and can be found on even the most trusted Web sites online. The threat of scareware undermines consumer trust in compromised Web sites, and on the Internet in general.
In mid-September, visitors to The New York Time 's Web site suddenly received a popup window -- which looked like a message from their own computer -- warning that their computer had been infected with a virus. The user was then told to visit a Web site to purchase and download anti-virus software that would fix the problem. The supposed antivirus software actually installed even more viruses and malware onto the computer -- and the user's credit card number was now in the hands of hackers.
According to The New York Times, the popup was generated by an unauthorized ad. The New York Times later learned it had sold ad space to hackers posing as Vonage. Click Forensics is reporting it was the work of Ukrainian cybercrooks.
The same scenario on The New York Times Web site is playing out all over the Internet. According to Computer World Magazine , hackers are not only using popup ads, they are also "poisoning Google search results." Hackers monitor the news and hot topics online -- such as the death of Patrick Swayze and the U.S. Open -- and through search engine optimization techniques are able to ensure that their Web sites are the top results. Victims who click on the fake search results receive a scareware popup.
Microsoft has been warning the public that scareware attacks are on the rise, and now the company is fighting back. It filed lawsuits against five companies, accusing them of being the source of scareware attacks.
Following are steps computer users can take to protect their computer from a scareware attack:
- Never let your guard down. A scareware attack can happen on trusted news sites like The New York Time s, in search engines results from Google, and even now on Twitter.
Full article at: http://chronicle.augusta.com/stories/2009/11/02/yrb_554107.shtml