Fake Avira AV: Is Google at fault?

Discussion in 'malware problems & news' started by Keyboard_Commando, Jul 9, 2009.

Thread Status:
Not open for further replies.
  1. Keyboard_Commando

    Keyboard_Commando Registered Member

    Joined:
    Mar 6, 2009
    Posts:
    690
    I noticed something odd last night while searching for Avira's website. The first search hit from Google UK shows a phishing/scam site, "Copyright AVIRA Downloads ? 2008"

    It appears in the sponsored links at the top of the page and also down the sides in several instances. The only thing that warned me to the problem was WOT. I dread to think how many newbs without WOT are visiting this site and falling for it.


    google1.jpg


    I wonder if Google even bothers checking out these links they're advertising on their own pages, or maybe this is just some hi-jacking they're unaware of. This advert has been there for over 12 hours already and they haven't removed it.

    I noticed the fake secure login page is connecting to Plimus.com. They have red WOT warnings, Mcafee SiteAdvisor rates plimus as safe, even though their SiteAdvisor page for Plimus.com is full of warnings people about Plimus being a phising scam enabler. Does Mcafee even bother listening to its own customers? Crikey.

    All of these roguewares are bought via Plimus.com and there are more plastered on Mcafee SiteAdvisor warning people

    "Antivirus 2010"
    "AntiVirus Pro":
    "AdWare Pro":
    "AntiTrojanPro":
    "AntiMalware Pro":
    "Registry-Cleaner-Pro":
    "iMunizator"

    Google & Mcafee = Fail!

    I did a few screenshots of the pages.

    Edited links, sorry

    avira_scam_1.jpg

    avira scam 3.JPG

    log in 2.JPG

    final page.JPG
     
    Last edited: Jul 9, 2009
  2. prius04

    prius04 Registered Member

    Joined:
    Apr 14, 2007
    Posts:
    1,238
    Location:
    USA
    Re the title of this thread, if Google is at fault, then so is Yahoo. I typically use Firefox with Adblock Plus. So, out of sheer curiosity, I fired up IE8, typed "avira" into Yahoo's search box, and Voila!:
     

    Attached Files:

    Last edited: Jul 9, 2009
  3. Keyboard_Commando

    Keyboard_Commando Registered Member

    Joined:
    Mar 6, 2009
    Posts:
    690
    Its incredible that these sites allowed to be advertised like this. I wonder how Avira feels about such sites targetting its potential customers.


    EDITED LINKS sorry
     
    Last edited: Jul 9, 2009
  4. Retadpuss

    Retadpuss Suspended Member

    Joined:
    Apr 4, 2009
    Posts:
    226
    A couple of points.

    1) it looke to me from the disclaimer that the first site will allow you to download Avira free - and states you are paying for the support on the site. they also state they are not licensed to sell te software and have no relationship wwith Avira. his wont help them one bit - they have used the Avira logo without permision, which is unlwaful. The second site does not use the Avira logo, so i would guess could be seen to be legal in the face of it - this said, however, I would not advise anyone to enter their card details unless they want to be ripped off!

    2) This thread needs to be removed as it is against forum ruless to post the URL of malware or phishing sites etc.

    cant see any mods or admins online, but I will email them.
     
  5. flyrfan111

    flyrfan111 Registered Member

    Joined:
    Jun 1, 2004
    Posts:
    1,224
  6. 1boss1

    1boss1 Registered Member

    Joined:
    Jun 26, 2009
    Posts:
    401
    Location:
    Australia
    Yes and no, there are banned trademark words you can't run in an Adwords campaign for instance search "Ebay" and you will only find ads by Ebay properties such as Paypal or Shopping.com or official partners despite 1,000's of other sites running the Ebay affiliate program.

    Avira have an affiliate program here where you can setup a shop and sell their product. Some companies allow affiliates to use the products band name in online advertising, and others like Ebay don't.

    So it's up to Avira to contact Google, establish ownership of the mark and request it be disallowed in campaigns by third party websites.
     
  7. Fly

    Fly Registered Member

    Joined:
    Nov 1, 2007
    Posts:
    2,069
    Don't we all know never to click on ads ? :blink:
     
  8. Keyboard_Commando

    Keyboard_Commando Registered Member

    Joined:
    Mar 6, 2009
    Posts:
    690
    I emailed Avira and they replied saying those websites will be flagged in the next AV updates.
     
  9. kabo0m

    kabo0m Registered Member

    Joined:
    Jul 22, 2009
    Posts:
    1
    Location:
    Canada
    Seems that more and more of the search engine's results can't be trusted. I have come across other sites when searching for security files and then my anti-virus alerted me that what I really installed was a keylogger.

    The scary thing is .. if you don't know the direct link .. you search for it and believe the search results. I have heard that it isn't just "good people" getting their links sponsored now and no longer is it "if its sponsored it must be trusthworthy"... Now anyone can pay to get their site sponsored. After all, money talks.

    Another scary thing is .. people will go on about how they tried a program and it works well and then suggest it to others (what happened to me is I believed the person knew what they were talking about) but if your security is not up to date you won't even know that what you downloaded actually is a trojan with a wonderful little surprise hiding inside it.
     
Loading...
Thread Status:
Not open for further replies.