Protect your tech
WATCH OUT FOR...
New tools
ScamWatch
Readers warn readers11Warn your fellow readers about scams
at [email protected]Scams and threats to avoid, plus new security tools
Fake Windows 11 upgrade sites
What’s the threat?
Criminals are infecting
computers with malware
through a fake download site
for Windows 11. The site
mimics Microsoft’s official
download page for the
operating system, using the
correct design, logos, images
and section bars at the top.
The only clear sign that it’s
fake is the incorrect URL
(see screenshot).
Clicking the ‘Download
Now’ button installs an ISO
file that contains the new malware Inno
Stealer, which can steal cryptocurrency
wallets and browser data such as
passwords. It disables security software
when installed to avoid detection.How can you stay safe?
The criminals behind this site managed
to hack search engines to get the URLdown soon. Be aware, though,
that criminals will try the
same technique using
different URLs to infect
people who are looking to
download Windows 11. In
February, security researchers
removed a similar Russian site
that was infecting computers
with the RedLine malware
(see Issue 626, page 9, and
http://www.snipca.com/40922).
One of the reasons
these attacks are currently
popular is that hackers are
exploiting the frustration many users
feel at not meeting Microsoft’s hardware
requirements for installing Windows 11.
They know that some users who are
denied the upgrade through Windows
Update (because their computers aren’t
powerful enough) will seek alternative
ways to install the system – such as by
searching for download pages.listed as a legitimate search result, so the
most reliable way to avoid such scams is
to never look for Windows download
pages through a search engine. Instead,
type the URL directly into your browser’s
address bar: http://www.microsoft.com/
software-download/windows11.
The fake site was still live at the time of
writing, though it’s likely to be takenChrome’s
extension badgesGoogle has devised two
‘badges’ for listings on its
Chrome Web Store to indicate
the quality of the browser
extensions available there,
helping you to avoid any
dodgy ones.
The most prestigious badge
is ‘Featured’, which means the
extension has been evaluated
by “Chrome team members” (as
opposed to an algorithm), and follows
Google’s “technical best practices
and meets a high standard of user
experience and design”. The
extension’s listing must also be fully
detailed, with excellent screenshots.
The other badge confirms that the
extension’s developer is an ‘Established
Publisher’, which means it has verified
its identity and “established aconsistent positive track record with
Google services and compliance with
the Developer Program Policy”.
In its blog (www.snipca.com/41681),
Google says developers can’t pay to
receive either badge, but they can ask
for their extension to get the Featured
award. Presumably, the idea behind
having two badges is to encourage
those developers who are recognised
as an Established Publisher to push
for the higher badge.Fake ‘council tax
rebate’ call
I received a phone call from a woman
who claimed she was a local
government official, and told me
she could help process my £
council tax rebate. I knew this was a
scam because our house is in band E,
and therefore not eligible for the
rebate. I also know that people
entitled to the rebate will either
receive the money in their bank
account, or be sent a letter with
information on how to claim. I
mentioned all this to the caller who
was clearly nonplussed because she
hung up! Hopefully she’ll be just as
frustrated by other potential victims.
Don AllenIssue 631 • 11 – 24 May 2022