I was using Skype the other day on my PC and suddenly Windows Security Center popped up a warning message telling me that my computer was infected by a virus and that I needed to install a repair utility of some sort. Huh? What’s that all about, Dave?
One thing I have to give virus writers and hackers credit for is that they always push the envelope, trying new and different angles on a weekly basis. I had no idea what you were talking about until just the other day on my Mac I saw what I imagine is the same message.
Before I show you the message remember that it’s easy for any chat or IM application to pop up an almost arbitrary message on your screen, whether it’s thanking you for visiting a non-existent site, warning you of some government investigation of your computer, inviting you to get an “early release beta” or, as you saw, download free security repair software.
The window you got looked like this:
Looks fairly legit except for one huge problem: I’m running Skype on a Mac so what the heck sort of Windows security problem could it possibly detect, even if it were real?
The answer is that it’s just a clever spoof, a fake Skype message from some random user that’s intended to look like a security warning message. Skype, however, doesn’t issue Windows security errors and in any case, the key thing to observe is – as always – where it wants you to go.
In this case it’s “http://www.registryscan.cc/” Do you recognize the “.cc” suffix? It’s the Cocos Islands in the Maldives. Don’t know where that is? Neither did I. The Maldives are a small group of islands off the southern tip of India.
Hmmm… what a strange place to send you for a registry scan if it’s indeed part of Skype, an eBay company based in Northern California, USA!
A quick whois query reveals something even more strange:
Andrej Kazaniski
Pod Nahorjem 180
Prague, CZ 44300
So the site is actually registered to a chap in Czheckoslovakia. Okay, so there’s zero likelihood that a warning message that sends you to a domain registered to a small island off India and owned by a guy in Prague is actually legitimate.
The moral of the story is the usual: be very skeptical.
Lol well, i just recently got skype.. but uh, ive got these pop ups almost anywhere i went before i even knew about skype! I got them for a year. Im not sure if it was the same thing, but it showed a disk drive and stuff, and had a green bar downloading something telling me i needed to scan. Anywherei went man.. Google search about lions — BOOM virus alert! youtube, BOOM virus alert!!! Psh.. all i know is, the first time i got this pop up, i almost thought it was real for a split second. But i was panicing, so i turned off the power. When i went back on, oh sure, everything was good good good. I did a virus scan just to make sure, but everything was fine. I thought… well i guess turning off the power was the right thing to do. The second time it happend i was like WTH?!? So i turned of the power again. Now, around the third time, it began to become a normal thing. Id be all like, “*sigh* here we go again.. when are they gonna take down this stupid website…”. Once my friend came over when it happend. she was panicing cuz she was the one useing the comp. And i was just like, “oh, just turn off the power.” Hehe.
Sorry for that book there
On a side note, i got a call on skype from usf5.warning.notice im guessing its another spammer. I missef the call and i dont even know why he called cuz i wasent even on, but i was kinda dumb and left a smiley face in a message o.e but i left from the message.
so what do i do…ignore that screen… i had the same exact thing happen twice and i fully fell for it twice swearing off skype after that… and i it also put a hotbar thing in my computer that took me a while to get rid of.. so should i try to download it again and just avoid those warnings?
Same message, different website. Mine was http://www.updatefm.org.
I received the same warning on SKYPE on 11/16/09. The only difference was the URL I was commanded to enter was http://www.updatelc.org. A “WHOIS” of that site revealed a different guy in Prague. His email address is sjanpraha4887@gmail.com
Hope this helps somebody else. Let me know.
Who cares….it’s spam is the freakin point!!
There’s no Czheckoslovakia since 1993.
Hey, Hassan,
1. Who’s “Jim”? The writer of this website is named “Dave”.
2. Cocos Island (singular) is indeed off the coast of Costa Rica. However, Dave correctly states that the .cc domain is for the Cocos IslandS (plural), which is a territory of Australia. Granted that that still is not in the Maldives, maybe YOU should get your facts straight.
hey, jim,
cocos island is not in maldives. get your facts right.