Beware of emails that contain unexplained links, even if they come from a friend's email address. They could lead you to unwittingly install malicious software
Q Recently, I received an email from a friend. The messages contained a single link, which I clicked. Suddenly, Windows popped up a security alert and told me that my computer was infected by viruses.
Another Windows message offered to remove them all so I clicked the relevant button and then another security message popped up telling me I needed to run a download. I clicked Run and then my PC restarted and all seemed OK.
When I asked my friend what the link was about, he said he’d had the same experience, having clicked a link sent by a friend of his. However, my friend insists he hasn’t sent me any emails but I’m certain I received one from him. What’s going on?
A It sounds to us as though you’ve fallen victim to a scam (read our report on bogus Microsoft security alerts). In short, what you experienced was a series of fake Windows security alerts seemingly relating to dozens of virus infections.
In fact, at this point all you were viewing was a web browser window displaying a very cleverly designed website purporting to be a Microsoft security tool (we’ve seen it masquerade under several names, such as Windows Antivirus 2012 and Windows 7 Internet Security 2012).
As such, your computer wasn’t at this point in any peril; had you closed the web browser, that would have been that. However, as your friend before you, you were taken in by the convincing scam and proceeded to download and run the offered fix.
And now for the bad news. The ‘fix’ was in fact a virus that will have harvested your email address book to send all your contacts a link to itself, which also explains why your friend ‘sent’ you an email apparently without knowing about it.
If your email contacts click the link and are themselves fooled then they will aid the spread of the virus.
Sadly, that’s not all that this virus seems to do. We should be clear that there are numerous variants of the infection but the ones that we’ve seen all do a very good job of preventing their detection and removal.
If you try to launch a program that it deems harmful to itself – such as a real security program – the virus will respond with another fake virus warning.
Removal is possible though quite long-winded. As we don’t have the space to detail the process in these pages we’ll refer you some instructions on the Malwarebytes forum, where one helpful user has published a comprehensive guide to ridding your PC of this awful invader.
Updating your subscription status