Skype “Online Notification” leads to Fake AV

In a sneaky bit of social engineering scareware pushers are registering convincing sounding monikers as Skype user names and attempting to lead people to rogue anti-malware sites.

 

Skyp_Rogue_AV

Skype Rogue AV lure

 

The user name that is displayed in the Skype chat window is “Online Notification” and the associated user names appear on many variations of that theme; online.notification.america9, online.notification.america10 etc. This tactic lends this attack a veneer of credibility that is missing from the usual “Hi, I’m a sexy lady” or “Hi, buy my Chinese kitchen equipment” scams that are more familiar over Skype.

 

To the unwary, because of the well chosen user name, these messages appear to be something other than a stranger sending you a message, they appear to be some kind of real online notification.

 

The full text of the Skype message is

“******************************************

URGENT SYSTEM SCAN NOTIFICATION ! PLEASE READ CAREFULLY !!

http://www. {rogueAV domain}.net/

For the link to become active, please click on ‘Add to contacts’ skype button or type it in manually into your web browser !

FULL DETAILS OF SCAN RESULT BELOW

******************************************

WINDOWS REQUIRES IMMEDIATE ATTENTION

ATTENTION ! Security Center has detected malware on your computer !

Affected Software:

Microsoft Windows Vista

Microsoft Windows XP

Microsoft Windows 2000

Microsoft Windows Server 2003

Impact of Vulnerability: Remote Code Execution / Virus Infection / Unexpected shutdowns

Recommendation: Users running vulnerable version should install a repair utility immediately

Your system IS affected, download the patch from the address below !

Failure to do so may result in severe computer malfunction.

http://www. {rogueAV domain}.net/

For the link to become active, please click on ‘Add to contacts’ skype button or type it in manually into your web browser !”

 

The modus operandi is annoyingly familiar, just the medium and method are slightly novel. As I’m sure you have already guessed, these messages lead to fake anti-virus programs designed to extort cash from the victim. The same message appears with several different destination URLs, the advice in every case remains the same.

 

1 – Ignore the message

 
2 – Block the user (and check the “Report abuse from this person” box when you do so).
 
3 – Sit back and sip your cup of tea knowing you have done your bit in the fight against cybercrime today.

15 thoughts on “Skype “Online Notification” leads to Fake AV

  1. steve

    I have been receiving these calls for over a year now and nobody seems to do anything about it. they were even calling me in the middle of the night (I use a “Freetalk” phone adapter) Skype is my landline, not an addition to my landline. I had to hook up the phone adapter to a timer so that the phone won’t ring in the night anymore. Really sad that you have to go that far in the year 2013 – in the 60s, 70s or 80s a phone was a tool for communication, now it has become a terror instrument.

    Reply
  2. Pygormus

    Can anyone stop these bastards? I’m getting as many as two or three calls a day from them. “Report abuse” to Skype accomplishes NOTHING.

    Reply
  3. LadyInMaine

    Just opened Skype on May 17th, 2012, and this scam is still going on. Thank goodness I read a lot of various different things and could immediately smell something rotten. And good old Google brought me here and confirmed my suspicions.

    Reply
  4. Marla

    I noticed the one time I accepted the call, just by accepting the call my OWN personal anti-virus and spyware program went haywire. That set off bells in my head and ever since i just report abuse and block it.

    Reply
  5. Caitlin

    I’m getting sick of being harassed by these guys. I report them, I flag them for abuse, and Skype refuses to do anything. I get a call from them at the exact same time every day, even when I am invisible or set as offline. They will contact me even when my laptop is turned off.

    Skype, deal with this or you’re going to wind up losing a lot of customers.

    The one that keeps contacting me over and over is usa.urgent.sys-notice.b3.

    Reply
  6. jlm1354

    I blocked one of these numbers and checked the report abuse box, but they are still calling me over and over again. The blocking didn’t work and Skype support was not supportive.

    Reply
  7. Pam

    More than a year later, I just received much the same: I clicked (on my Mac screen) to answer an incoming Skype call and the thing talked to me, in computer-generated alarmist American tones. It said “a virus has been detected on your computer”, that my system HAS been infected and affected,and that I must “request professional maintenance at http://www.sos.nbc.com“. This last phrase was repeated until I disconnected the call.
    I haven’t gone anywhere near the website, of course. The associated Skype user is: “o.notification.am16” but the incoming Skype call appears in my call record as just “Online Notification”. Grrr.
    Grateful to the rest of you for confirming my assumption (always a bit unsettling) that this IS a scam.

    Reply
  8. check in online

    I don’t remember the site name, I found it on google, it said that I have 160 worms in my C drive, 20 Trojans in My Documents and all, then it tried to install something with fake names, I just navigate away from that.

    Reply
  9. Natalya P

    I’ve got the same message and it looked very fake to me. Thank you for posting this message, which helps us to stay safe.

    Reply
  10. Pingback: Nep-virusscanners verspreid via Skype | PC Web Plus - ICT nieuws blog

  11. Pingback: Tweets that mention Skype “Online Notification” leads to Fake AV » CounterMeasures -- Topsy.com

Leave a Reply

Your email address will not be published. Required fields are marked *

*