(Hat-tip to Calvin).
You know you’re a big deal when scammers use you in their SEO poisoning antics, and unfortunately Marvin Sapp (American Gospel singer / songwriter) is the latest victim of Fake Antivirus peddlers. His wife died a few days ago, and it didn’t take long before malicious websites were riding high in Google image search. From the very first page:
The highlighted image above takes the end-user to conversestore(dot)net/blog/tmp/marvin-sapp(dot)html, which presents them with some random text, screenshots and a fake video:
Also of note: the “Youtube” favicon, which tends to pop up on fake video sites. After a few seconds (and before the user can even touch the fake video), the site forwards the user on to safe-me-please60(dot)co(dot)cc and presents them with fake scans and executable download prompts:
Running the executable will place a fake antivirus program on the PC – in this case, “My Security Shield”.
Detections are low for this one at present, with 16/43 catching the rogue and our good selves snagging it as Trojan.Win32.Generic!BT. Be warned that there are other sites with dubious links and redirects floating in and out of Image search, although not all of them appear to be live. You might want to avoid searching for images related to this particular story for the time being and stick to reading about it instead…
Christopher Boyd