RegistryScan.cc tells my Mac I have a Windows Malware infection
I was happily working along this afternoon when suddenly I received a Skype pop-up text message. I rarely use Skype for text messaging, sticking with Adium for that. It's usually some Skype SPAM asking me to come to some lonely woman's web page to see pictures of her. This time the message looked pretty ominous:
Obviously this is just a SPAM attempt to get someone to jump over to a web site. Kind of tough for my Mac running Leopard to get a Registry hack installed. At the bottom of the message was a link to go to the offending site:
http://www.registryscan.cc/?q=scan
Out of curiosity I decided to jump over and take a look at the page. I'm running a Mac and it was pretty clear this was targeting Windows machines. What I got was this:
Just trying to navigate away from the site presented me with this little pop-up:
What do I love about all of this? Let's see:
Anyone out there know how to stop people like this? Is there a good place to report this kind of behavior? I can see non-technical people falling hard for things like this.
Obviously this is just a SPAM attempt to get someone to jump over to a web site. Kind of tough for my Mac running Leopard to get a Registry hack installed. At the bottom of the message was a link to go to the offending site:
http://www.registryscan.cc/?q=scan
Out of curiosity I decided to jump over and take a look at the page. I'm running a Mac and it was pretty clear this was targeting Windows machines. What I got was this:
Just trying to navigate away from the site presented me with this little pop-up:
What do I love about all of this? Let's see:
- The animation leading up to the above screen shot looks like a Windows progress dialog
- The Windows XP style dialogs were very nicely done
- The ScanAlert motto: Making the web Hacker Safe! (technically doesn't that mean it's making it safe for hackers???)
- The line "You PC is still with spyware!" makes me think a LOLCat is responsible
- That I'm running a Mac
Anyone out there know how to stop people like this? Is there a good place to report this kind of behavior? I can see non-technical people falling hard for things like this.
Comments
We need more people to be educated about the internet and scams etc. Just you posting this blog will educate some people. So THANKS!
I've had many people who have clicked these types of popups/unders and gone through with the scans and infected their computers to the point of no return... and then come running to me crying -_-" Like a guy last year in my class clicked on a popunder that said he had a certain Trojan horse virus and in the end got that virus from the website and I had to spend days trying to recover the system :| Not fun...
I wish there was a place to report this sort of stuff but unfortunately the internet is an untamed place and action will only usually get taken if it's involved in fraud/copyright breaches which sucks :(
i was here
**end sarcasm**
I did a google on the URL and found your post...perfect timing. Thanks for taking the time to share.
Tom
But I'm glad that my "PC" is "still", even though it's only "still with malware". Imagine it would be moving! Kind of difficult to type :)
http://www.skype.com/security/safety/safety.html
The skype user to block is
computer.update.kac9
Computer Update
I have flagged it as bogus to the skype team, btw.
Looking through my logs I've had over 600 visitors reach my blog through Google by searching for "registryscan.cc" in the past 3 months so clearly the intertubes are working.