Skip to content

Management

Technology

Toolbox

Training

Books

White Papers

Webcast

Resource Centre


ComputerworldUK CommunIT

Want to join the UK’s fastest growing dedicated IT community? Enter here to browse the UK’s top usergroups, societies and associations.

Cybercrime & Hacking management > security > news

February 20, 2007

Microsoft's IM hijacked by security scam

Another rip-off.

By Jeremy Kirk, IDG News Service

Banner advertisements for a security application said to report false or inflated threats have appeared on Microsoft’s IM program, security analysts have warned.

Advert

Microsoft appears to have removed the ads, which were displayed in the contacts panel for its IM program, Windows Live Messenger, said Sandi Hardmeier, a Microsoft Most Valued Professional, a designation the company gives to people who have expertise with its products.

The programme, known as Winfixer, falsely warns a computer has been infected with malicious software, according to Symantec. It asks users to buy a program to remove the unwanted software.

"Quite often, it reports files that are perfectly safe," Hardmeier said. "It uses a lot of false positives. Basically, it's a rip off."

Other security companies, such as Sophos and McAfee, classify Winfixer as a "potentially unwanted application", or PUP.

Hardmeier, who notified Microsoft of the problem, said the ads that appeared on Windows Live Messenger tried two ways to get users to install Winfixer on their machine.

The first was via a pop-up window offering to scan the computer for problems, she wrote. Depending on the version of Internet Explorer used, Winfixer would try to download itself through an Active X control, she said.

The second way was through a banner advertisement that a user would have to click before being taken to a Web site offering Free PC-Secure, a program that is detected as Winfixer by most security software, she said. Winfixer goes by several different names, including ErrorSafe and DriveCleaner.

Microsoft had done well preventing spyware programs from being advertised in banner ads on Windows Live Messenger, formerly known as MSN Messenger, Hardmeier wrote on her blog on her blog, Spyware Sucks.

But Winfixer has proved a tricky foe. Advertising networks have had trouble with Winfixer ads suddenly being served up by their networks despite no affiliation with its creators, Hardmeier said.

The suspicion is that organisations have falsely registered with the networks and substituted Winfixer ads - hosted on their own servers - instead of the advertisements they agreed to supply, she said.

Microsoft officials contacted in London on Monday morning could not immediately comment.

Follow highlights from ComputerworldUK on Twitter
Sign up for our Daily Newsletter
The UK IT News widget Get it for your site!

« prev article | more security news | next article »

Advert

close

Email this article to a friend or colleague:




PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

close
  • This article is now being printed.
close

What are your views on this subject? Use the form below to post a comment on this article up to 1000 characters.


Characters remaining:

close

Click below to add 'Microsoft's IM hijacked by security scam - Cybercrime & Hacking - ComputerworldUK' to your blog.



If you do not have a ComputerworldUK Account and would like to use this feature, please Register.

If you are a registered, logged-in user, this will post the title and first paragraph of this story to your blog to share with your readers.

What is this?

Advert

WHITE PAPERS

  • Legal risks: Employee use of the internet and email
    Exploring the challenges facing IT Mangers today and vital steps to ensure safe internet an email use by employees.
  • Phishing for victims
    This White Paper examines the phenomenon of phishing. It explains the potentially catastrophic threat it presents to all kinds of organisation. Exploding some widespread myths, it lights up the murky waters where phishing first emerged and where it continues to evolve. But it also highlights what your business can do to blunt the threat.
  • Challenges and opportunities of PCI
    The control framework implicit in the Payment Card Industry Data Security Standard (PCI DSS) provides an enterprise structure for improving operational, security, and audit performance.
  • Social CRM comes of age
    Who is this “social customer”? What strategies and tools does the new breed of CRM provide to do something about this?
  • Risk Management: Protect and Maximize Stakeholder Value
    What has held organisations back from a broader adoption of risk management programs?
*