Till now we have seen scammers using “Video ActiveX Object Error” and “Image ActiveX Object Error” bogus error to bait users into downloading Trojan horse disguised as codec.
Recently they have come up with a new tactic and started using “Virus Scanner ActiveX Object Error” well the scammers seems to directly dump the rogue security application rather than having the Trojan horse to do the dirty work.
The latest Rogue on the internet “LastDefender” has been seen using this tactic.
Here is the list of screenshots of the "Scare scan"/"Fake scan" scam sites used by LastDefender
Bogus "Antivirus Software Error" message
Site Name: Thelastdefender.com
IP Address: 126.96.36.199
This is the “LastDefender” home page
Site Name: LastDefender.net
IP Address: 188.8.131.52
This is the “LastDefender” scare scan/Fake scan pages.
AVG 184.108.40.2066 2008.03.02 Downloader.Generic6.AGDQ