Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    Bogus Security Alerts Aren’t From Norton

     

    Fig2 - norton_scam_0

    Con artists are targeting thousands of people with tech support scams that pose as security alerts from Norton Security, researchers at Symantec have found. The phony alerts pop up in the browser and urge the victim to run a quick scan of their computer. If the user clicks “OK,” they’ll see a very realistic-looking fake Norton scan running, which tells them their computer is infected. They’ll then be prompted to download an “update” for their antivirus software, which is actually a potentially unwanted application (PUA).

    The scammers use HTML and JavaScript to create a very convincing illusion that a Norton scan is taking place. The source code contains several invisible HTML div elements which are progressively made visible by JavaScript code. The scammers use JavaScript’s setTimeout() function to time the appearance of the HTML elements, which contain images of a real Norton scan. The victims believe they’re seeing Norton windows popping up on their computer. In reality, it’s all happening within the browser.

    While tracking this scam, the Symantec researchers discovered an unsecured attacker dashboard, which revealed that the scammers had compromised tens of thousands of victims. The dashboard shows that the attackers are paid by the volume of successful PUA installations, and this particular scam netted them at least $25,000.

    The researchers emphasize that there are several red flags here that could have alerted educated users to the scam. First, files on your hard drive can’t be scanned by a website in a browser. Second, Norton scans and updates are handled through the product’s GUI, while the initial alert in this case was obviously browser-based. Additionally, the scam contained several hardcoded elements that wouldn’t have applied to every user, such as “30 days of subscription remaining.” New-school security awareness training can teach your employees to look for suspicious activity and details that are out of place or unexpected. Symantec has the story:

    https://www.symantec.com/blogs/threat-intelligence/tech-support-scams-install-puas

     

    Return To KnowBe4 Security Blog

    Topics: Security Awareness Training

    Stu Sjouwerman

    ABOUT STU SJOUWERMAN

    Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

    Read more from Stu »

    Subscribe to Our Blog


    Security Awareness Training
    Blog RSS Feed
    Comprehensive Anti-Phishing Guide
    All Posts

    Posts by Tag

    See all

    Posts By Topic

    View All

    Get the latest about social engineering

    Subscribe to CyberheistNews