subject: Hiding Behind The Microsoft Name: Avoid The Fake Microsoft Windows Activation [print this page] When we see pop-up alerts from a trusted program like Microsoft, we grant them great authority and take the messages very seriously. Most of the time, all we take is a quick glance. We see the right colors, the right symbols, and we take the suggested action. This is exactly the reaction rogue applications, like the fake Microsoft Windows Activation Trojan, hope for. They want quick reactions, not informed decisions. The best way to avoid rogue programs is to take the time to recognize them.
An Introduction to the Fake Microsoft Windows Activation Trojan
A Trojan is, of course, a vehicle that carries various forms of malware into a computer system. The Microsoft Windows Activation Trojan, also known as the Microsoft Piracy Control Trojan, Kardphisher, and Trojan.Kardphisher, targets the prominent issue of software piracy. Its goal is to persuade you that you are using an unauthorized version of Windows and that you need to reactivate it, a process which requires that you enter your contact and financial information. Because there are times when reactivating Windows may be necessary, this can be an effective ploy, but be aware that Microsoft will never ask you to enter personal or financial information in this manner.
The Fake Microsoft Windows Activation Trojan in Your System
While there is certainly no benefit to having a rogue application in your system, a silver lining is that they are relatively easy to identify. This is particularly true of the Microsoft Piracy Trojan; you will notice an influx of pop-ups, which get progressively more intrusive. The text of these messages will read as follows:
Microsoft Piracy Control
Your copy of windows was activated by another user.
To help reduce software piracy, please re-activate your copy of Windows now.
We will ask for you billing details, but your credit card will NOT be charged.
You must activate Windows before you can continue to use it.
Microsoft is committed to your privacy. For more information, www.microsoft.com/piracy.
Do you want to activate Windows now?
The messages imitate those issued by Microsoft, and upon first glance, they appear completely legitimate. Rogue applications depend on that first glance: they want you to see the characteristic blue color, the Windows name, the legitimate website address, and the recognizable and trusted Windows quad-colored symbol. They do not want you to stop and question whether Windows is properly activated, which can be easily verified, or whether Microsoft would send messages like this.
The pop-up gives you the options of reactivating immediately or waiting until later. If you opt to reactivate, you will be prompted to enter your contact and credit card information. Never do this. Option two isnt much better: if you elect to reactivate later, your computer will reboot, and the message will reappear.
This cycle will continue, making it difficult to run other programs. The Windows Activation Trojan is known as an extortion Trojan, meaning that in order to break this endless reboot cycle, you will need to reactivate and enter your credit card number. Those that do enter their credit card numbers, however, find their accounts charged figures that are never disclosed by the message. This is essentially ransomware, in that it holds your system captive until you pay, or until you remove the Trojan, which is the suggested course of action.
How the Fake Microsoft Windows Activation Trojan Accesses Your System
Trojans depend on disguises in order to gain access to your system. The Trojan Vundo, for instance, is disguised in spam email attachments. When you click on such an attachment, it can allow Vundo and whichever forms of malware Vundo is carrying into your system. There are a myriad of Trojans, and the false Windows Activation version is typically harbored in sites containing adult material.
This is the usual suspect, but Trojans can also be found on seemingly innocuous sites, particularly those with social networking, free videos, shareware, gaming, and pirated content, as well as trending topics. When you click on an ad, image, attachment, video, or simply visit an affected site, it can allow a Trojan like the Microsoft Piracy version to enter your computer.
If you notice the Microsoft Windows Activation messages appearing, it is important that you never enter any personal or financial information. Your account will be charged. Rogue applications can exploit security vulnerabilities in your system, allowing other forms of malware to enter. For this reason, and to ensure that you are able to use your computer without encountering pop-ups and endless rebooting, it is important that you take immediate steps to remove the Trojan from your system.
