Scammers love to bank on the good name of legitimate companies to gain the trust of their intended targets. Recently, it came to our attention that a cybercriminal is using fake websites for security products to spread malware. One of those websites was impersonating the Malwarebytes brand.
Image courtesy of Trellix
The download from the fake website was an information stealer with a filename that resembled that of the actual Malwarebytes installer.
Besides some common system information, this stealer goes after:
This is just one scam, but there are always others using our name to target people. We regularly see tech support scammers pretending to be Malwarebytes to defraud their victims.
Some scammers sell—sometimes illegal—copies of Malwarebytes for prices that are boldly exaggerated.
Others will try and phish you by sending you a confirmation mail of your subscription to Malwarebytes.
And sometimes when you search for Malwarebytes you will find imposters in between legitimate re-sellers. Some even use our logo.
In this case, Google warned us that there was danger up ahead.
The site itself was not as convincing as the advert, and some poking around in the source code told us the website was likely built by a Russian speaking individual.
It's easy to see how people can fall for fake brand notices. Here are some things that can help you avoid scams that use our name:
We don’t just report on threats—we remove them
Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.