The security experts at Trend Micro have discovered an incredibly sneaky form of ransomware that uses a new twist to deliver its dangerous payload. This malware disguises itself as antivirus software.

Here’s how the crooks do it. They send an email with a phony alert that says there’s a problem with your PC and that you need to click on a download link for a special antivirus. It even gives you a password to enter.

scam-download-link.jpg

What you’ll actually download is a real anti-virus tool bundled with a piece of ransomware. The actual AV tool will start an installation wizard which keeps you occupied while the ransomware is busy encrypting your files.

est-av-remover.jpg

Whether or not you actually finish installing the AV Remover tool once you’ve downloaded the malicious payload has no effect on the ransomware installing. It’s a tool to keep you distracted.

end-user-agreement.jpg

How do you protect yourself? Educate yourself and anyone you work with in a business or organization about the dangers of phishing scams. You’ll never get a notice from a legitimate security company via email telling you to immediately download a program.  You should never click on links in emails unless you are absolutely certain they are legitimate.  Always keep a good backup of all your important files. So even if you get hit, you can reset your computer and recover your data.

Every single day home users and business users fall for these scams. Don’t be one of them.