Some novice to intermediate users can easily be fooled by a new Trojan horse called “Trojan.Kardphisher” which opens up a relatively realistic looking “Microsoft Piracy Control” dialog box.
If a user falls victim to this Trojan, the rogue software will shut down Windows and ask the users choose to “activate” their copy of Windows and enter their details when they next turn their computer on.
Once you choose to “activate” your copy of Windows because the Trojan tells you that “Your copy of Windows was activated by another user”, it asks you to enter in your location, your contact information, your credit card number, your ATM pin number (!), your card’s expiration date and the 3-digit CVV2 number. The software tells you that your card won’t be charged, but that it needs the details to proceed with activation.
Symantec have posted removal instructions which tell you how to get rid of the Trojan.
Its interface looks really similar as all Windows XP dialogs. Here are the screenshots:
If a user falls victim to this Trojan, the rogue software will shut down Windows and ask the users choose to “activate” their copy of Windows and enter their details when they next turn their computer on.
Once you choose to “activate” your copy of Windows because the Trojan tells you that “Your copy of Windows was activated by another user”, it asks you to enter in your location, your contact information, your credit card number, your ATM pin number (!), your card’s expiration date and the 3-digit CVV2 number. The software tells you that your card won’t be charged, but that it needs the details to proceed with activation.
Symantec have posted removal instructions which tell you how to get rid of the Trojan.
Its interface looks really similar as all Windows XP dialogs. Here are the screenshots:
BEAWRE
