Don't Buy Antivirus Software from Spam Emails or Suspicious Websites

Today’s lesson? Don’t  buy antivirus software from unsolicited emails or suspicious looking websites.

Kaspersky Lab Experts recently posted a warning about spam emails going around that offer a rogue antivirus application called “Best Antivirus Online.”

According to the post, the email was decorated in Kaspersky’s signature colors and style, topped off with a spoofed sender’s address, “sale@kaspersky.com.”

However, it seems the crooks behind this scam may have been sending out similar emails masquerading as legitimate offers for Symantec’s line of antivirus solutions as well, considering the landing page looked more like it was built for the makers of Norton antivirus.

Regardless of the genuine antivirus software that the rogue application was attempting to mimick, the end result will remain the same.

“To buy the program, the user had to enter their credit card details and email address so they could receive further instructions.” Maria Namestnikova of Kaspersky Labs wrote, “We followed these step as part of our investigations, but received no more instructions at the email address we specified. It is quite possible that users could have received more instructions on how to download the fake antivirus at the time the spam was active.”

Oddly enough, by Googling “best antivirus online” I found antivirusdownload-now.com, which looks nearly identical to the webpage in the post by Kaspersky Lab Experts.



Despite the website having a rather clean design, it still throws a number of red flags:

• Performing a “WHOIS” domain lookup reveals that the individual that registered the domain is using WhoisGuard. Typically scammers use a whois lookup protection service when registering domains to stay out of their victim’s reach.


• The website has the following disclaimer the index page (but nowhere else?): “Disclaimer: This website has no affiliation whatsoever with the owner of this software program and does not re-sell or license software. All software is freeware and/or shareware with the understanding that the user may need or want to pay for it later. Membership is for unlimited access to our site's resources. We provide an organized website with links to third party freeware and shareware software, technical support, tutorials and step by step guides.The website is owned and operated by Certo Business Solutions B.V”


• By Googling “Certo Business Solutions B.V”, I came across the following Google forum post.

If that doesn’t scream scam at you, I don’t know what will.

If you’re looking to buy antivirus protection for your computer, it’s best that you purchase it directly from the vendor or from a well-established reseller. Otherwise you may be paying for some fake antivirus software that either doesn’t do anything or is simply malware in disguise. That's if the scammers deliver anything at all.

Be sure to follow us on Twitter at @hyphenet or “Like” us on Facebook to stay up-to-date on the latest internet scams.