Jump to content

** Beware of scammers impersonating Malwarebytes

David H. Lipman
 Share

Recommended Posts

David H. Lipman

David H. Lipman

Posted
Posted (edited)

Beware of scammers impersonating Malwarebytes

Posted: May 30, 2024 by Malwarebytes Labs

Quote

 

Scammers love to bank on the good name of legitimate companies to gain the trust of their intended targets. Recently, it came to our attention that a cybercriminal is using fake websites for security products to spread malware. One of those websites was impersonating the Malwarebytes brand.

 

Very convincing fake Malwarebytes site at malwarebytes.pro

                                                                                   Image courtesy of Trellix

The download from the fake website was an information stealer with a filename that resembled that of the actual Malwarebytes installer.

Besides some common system information, this stealer goes after:

  • Account tokens
  • Steam tokens
  • Saved card details
  • System profiles
  • Telegram logins
  • List of running process names
  • Installed browser lists and their version
  • Credentials from the browser “User Data” folder, Local DB an autofill
  • Cookies from the browser
  • List of folders on the C drive

This is just one scam, but there are always others using our name to target people. We regularly see tech support scammers pretending to be Malwarebytes to defraud their victims.

Some scammers sell—sometimes illegal—copies of Malwarebytes for prices that are boldly exaggerated.

scammer selling overpriced copy of Malwarebytes

Others will try and phish you by sending you a confirmation mail of your subscription to Malwarebytes.

phisihng mail saying it's an Order confirmation

And sometimes when you search for Malwarebytes you will find imposters in between legitimate re-sellers. Some even use our logo.

search result for Malwarebytes Premium pointing to an imposter site

In this case, Google warned us that there was danger up ahead.

Google warning for malwarebytes-premium.net

The site itself was not as convincing as the advert, and some poking around in the source code told us the website was likely built by a Russian speaking individual.

source code including Russian error prompt

How to avoid brand scams

It’s easy to see how people can fall for fake brand notices. Here are some things that can help you avoid scams that use our name:

  • Download software directly from our sites if you are not sure of the legitimacy of the ones offered to you.
  • Check that any emails that appear to come from Malwarebytes are sent from a malwarebytes.com address.
  • If you have any questions or doubts as to the legitimacy of something, you can contact our Support team.

 

Edited by David H. Lipman
Edited for content, clarity, spelling and/or grammar
  • Like 3
  • Thanks 1
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.