I've updated the post with a second Skype call I received on 1/17.
Scammers are always trying new ways to reach their targets to foil them into buying free software
, sending credit card information
, etc. Yesterday, they called me directly at home!
I was working on my computer when I got a Skype call from an unknown caller with a Skype ID of "NOTIFICATION® URGENT - WWW.SWNOW.COM - UPGRADE INSTRUCTIONS
". The automated call explained that my "software protections" were disabled and I had to urgently go to www.swnow.com
(spelled out in the call). I could not record the call, but it was very similar to what you hear when you visit hxxp://www.swnow.com/
|Skype call from a scammer|
The call does not give any information about who is calling or what this "software protection" is supposed to be. It lasted 1 min. 50 secs. and basically just urged me to visit www.swnow.com
|Skype call information|
When visited, hxxp://www.swnow.com/
displays a fake antivirus page. It looks different than the Fake AV
sites that use Blackhat spam SEO
to reach users. Of course, the site purports that numerous viruses are found on your computer...
|Fake AV claim to have found viruses|
The website is trying to sell the antivirus solution, rather than trying to get user's to install malware disguised as a free AV program. The website is well designed. The button "Activate Computer Protections" shows an "activation" form..
|Check out form|
Then, the website gathers some personal information (name, e-mail address, etc.) via the "activation" form.
Finally, the user is sent to a different website, securecheckouts.org
, to process the payment.
|Payment processing form|
Looking at the HTML code, the page only contains an iframe, pointing to hxxp://www.liveadmin.com/affiliates.php?affil104,
where the payment form is actually hosted.
|HTML source of securecheckouts.org|
There have been a steady rise of websites trying to resell free software (AVG
and other antivirus, OpenOffice, P2P clients, etc.) or deliver fake stores
that claim to offer software at deep discounts, etc. However, this was the first time that I've encountered a Skype call being used to push users to visit a fake store.Second call
I received a similar Skype call on 11/17. I was urged to visit www.msgmf.com
to protect my computer. Te website is similar to www.swnow.com
. It tricks users into paying $19.95 through click2sell.eu
for an antivirus.
|Second Skype call spam|
|Fake antivirus on www.msgmf.com|
|Antivirus "activation" page|
|Payment form on click2sell.eu|