Sophisticated New Malware Shows Fake Malware Detection Warning
September 4, 2010
Microsoft is warning that a sophisticated new piece of malware can fool users into clicking on it because it copies the UI and appearance of the official security alerts presented by Firefox, Chrome, or Internet Explorer. The malware, called Rogue:MSIL/Zeven, detects which browser a user is running and then displays a warning message prompting the user to scan for viruses and threats. The ploy, in the end, is to get the computer user to hand over payment for a removal tool after the malware reports that it has detected a threat or vulnerability on the user’s system.
The malware first presents a dialogue box that looks official enough to get users to click on it. After that, it cleverly disguises itself as an official Windows tool, allowing users to download security and system updates, change preferences, and scan their computer. It then displays a false threat alert listing files that the program says it cannot remove without the aid of a paid malware removal tool, and asks the user to purchase that tool. In reality, the files that were supposedly detected never existed on the user’s computer to begin with; the whole ploy is to get payment.


