WinWebSec Deception Continues with Delta Airlines Scam

Such WinWebSec family rogue antispywares as Live Security Platinum and Smart Fortress 2012 are tremendously successful, and have generated illicit profits from thousands of Windows users everywhere. Despite the despicable amounts of money cyber criminals have managed to gather with the assistance of these dangerous infections, crooks are ready to take their cunning security tools to the next level, and this will be done with the respectable and widely known name of Delta Airline, a U.S. based company, which supports both domestic and international flights.

To study the matter closer, we need to look at the newest WinWebSec rogue Live Security Platinum, which has been noted to infiltrate Windows systems via various security backdoors and cracks, including social engineering scams, bundled downloads and encrypted software. Now, the dangerous infection can also be propagated via a tremendously treacherous mass email attack system, with the Delta Airlines title leading the way.

So, how exactly does this scam work? Firstly, a target addressee receives an email titled “Ticket is ready”, which states:

From: Delta Air Lines

Hello,

E-TICKET / EH065894335
SEAT / 77E/ZONE 2
DATE / TIME 20 JUNE, 2012, 09:55 AM
ARRIVING / Virginia Beach
FORM OF PAYMENT / CC
TOTAL PRICE / 276.42 USD
REF / EF.5709 ST / OK
BAG / 4PC

Your bought ticket is attached to the letter as a scan document.
You can print your ticket.

Thank you for using our airline company services.
Delta Air Lines.

This letter is meant to convince target system owners into clicking on the received zip attachment; however, this is what releases the dangerous Sirefef infection, which on its own count can ensure Live Security Platinum’s infiltration. Nonetheless, this is just a second step of the scam, and the real deception is conveyed by the fictitious security tool, which can block Internet connection and ensure that access to essential Windows Tools (Registry Editor and Task Manager) is removed. After these implementations, the rogue is designed to mimic Windows infections and convince naïve Windows users into spending their money on a fictitious full version malware removal tool. The deception is remarkably treacherous, and has deceived hundreds into giving up their money, which is why the virus should be removed right away.

Not many Windows users will be able to commence Live Security Platinum removal without the application of a special registration code (64C665BE-4DE7-423B-A6B6-BC0172B25DF2), but once that is out of the way, manual and automatic rogue’s removal operations should become easily accessible to any Windows users.