There are some “interesting” similarities between the home page of the DefenceLab rogue and the web pages of some legitimate anti-virus companies.
Our good friends at McAfee alerted us to some of this then Patrick Jordan and Alex Eckelberry took a closer look at the Web site associated with the new DefenceLab rogue that we reported on earlier this week.
DefenceLab was the one that directs the potential victim to a Microsoft Support page, but injects html code into the page in his or her browser to make it appear as though Microsoft is suggesting the purchase of the rogue.
Here’s what we mean by “interesting” similarities:
They did leave out one paragraph from Sunbelt’s text though:
“You may send an e-mail or letter to the following e-mail or street address requesting access to or correction of your personally identifiable information:
“Privacy Manager. . “