I saw this screenshot at the Panda Software blog.
The author of the blog post wrote that the replica of the Windows 7 explorer shell displayed by the fraudware site was “devilishly deceiving and might even fool an expertly trained eye”.
I would hope that an “expertly trained eye” would spot the fact that the word “Searches” has been mis-typed as “Seraches” ;o)
I would also hope that an “expertly trained eye” would notice that the message box from this “devilishly deceiving” Windows shell spoof says “The page at” in the title bar (and a no-name page at that), not to mention the “1024 bit 100% SECURE SITE” graphic down in the lower right hand corner.
Honestly, I don’t expect my users to be experts, but I know the majority of them would start off a call to me with “I’m SO sorry, I should have known better…” if they got taken by this dodge. It just reeks of wrong from every viewing angle.
Hi Peg,
If you look closely at the original graphic at the Panda blog under high magnification you will see that the screenshot has been edited to hide the missing text. The manipulation is very well done, and subtle, but can still be seen. It is standard procedure to protect people from themselves by obscuring the URL of dangerous sites.
Sandi &c.
If you have ever wondered how long it takes to install an ATM skimmer, check this movie out (yes the crook was caught red handed) http://www.liveleak.com/view?i=074_1252777692
Security updates have been released – details here: http://www.adobe.com/support/security/bulletins/apsb09-19.html After updating your Flash version should be 10.0.42.34 and your Air version should be 1.5.3
“Fraudware that looks like Windows 7…”