Computeractive has discovered an attack that fools people into downloading malicious software by mimicking a genuine Microsoft Windows security alert.
The attack is a clever variation on the rogue anti-virus alerts that appear when people are online: this one uses emails purporting to come from someone the victim knows. Clicking on the link in the email takes the victim to a site with the message: "you are here because one of your friends have invited you here. Page loading, please wait..."
A false start-up screen appears with a message saying "Microsoft Security Alert 2012 has found critical process activity on your PC and will perform fast scan of systemn files."
It then appears as if the computer is being scanned and the security alert menu will appear to "Remove All" or "Cancel".
If the person clicks Remove All, it downloads a Trojan, which harvests a person's email contacts. This is how the scam is spreading and we have recieved emails from affected readers who have our address in their contacts list.
We have found two sites linked to the scam - thespiritglass and pacificrimisg.
Bitdefender and F-Secure said that the criminals rent out sites so other fraudsters can download banking and password-stealing Trojans.
If you have fallen victim to this scam, close the web browser and run a full systemn scan with your security software.
