Tom Kelchner, Sunbelt blog: Alert reader Laurie (my boss actually) forwarded a copy an email she received from a friend. It said the sender was “…pleased to announce the newest version of Antivirus 2010 for Windows.”
There was a link to click, of course.
Something called “Antivirus 2010” for sale in November is very odd for three reasons:
1) It’s nearly 2011 and legitimate AV companies are putting out their 2011 versions.
2) There was a rogue security product last year called “Antivirus 2010.” (VIPRE detection: FraudTool.Win32.Antivirus2010 (v))
3) Although a lot of companies make a product named Anti-Virus 2010, they usually put their name in front of it, such as “Kaspersky Anti-Virus 2010” or “Norton AntiVirus 2010.”
The Antivirus 2010 rogue graphic interface from 2009:
We checked out the URL (officialversion.ru) in the email, putting in our name and “promotion code” (actually any number will do) , went past the “member login page” that made some mentions of the very legitimate AVG anti-virus company, and went on to a credit card payment page. The REAL AVG company (fourth largest AV vendor in the world) offers “AVG Anti-Virus Free Edition 2011” in addition to security software that users purchase.
We noticed the logo on the page mimicked the colors of the AVG logo:
— $2.49 per month.
— A two-year “Full Access & Support” choice for $17.49 per month
— Three year “VIP” access for $11.67 per year.
— (optional add on) Firewall for $14.88 – marked down from $39.95
— (optional) Antivirus Pro Version Updates for $8.95.
We didn’t make a purchase, so, we don’t really know what’s behind the “pay now” button however, you can be sure it isn’t anything good.
We can pretty well conclude that the scam email is offering:
— A rogue security product
— AVG’s Anti-Virus Free Edition, except they charge you before they redirect your browser to AVG’s site for download.
— Something else called “Antivirus 2010” that has no visible presence on the Web.
AVG’s real page is here: http://free.avg.com/us-en/homepage
Thanks Laurie. Thanks Doug. Thanks Patrick.
Credit to Tom Kelchner from Sunbelt blog.