Beware of scammers impersonating Malwarebytes

Scammers love to bank on the good name of legitimate companies to gain the trust of their intended targets. Recently, it came to our attention that a cybercriminal is using fake websites for security products to spread malware. One of those websites was impersonating the Malwarebytes brand.

Very convincing fake Malwarebytes site at malwarebytes.pro
Image courtesy of Trellix

The download from the fake website was an information stealer with a filename that resembled that of the actual Malwarebytes installer.

Besides some common system information, this stealer goes after:

  • Account tokens
  • Steam tokens
  • Saved card details
  • System profiles
  • Telegram logins
  • List of running process names
  • Installed browser lists and their version
  • Credentials from the browser “User Data” folder, Local DB an autofill
  • Cookies from the browser
  • List of folders on the C drive

This is just one scam, but there are always others using our name to target people. We regularly see tech support scammers pretending to be Malwarebytes to defraud their victims.

Some scammers sell—sometimes illegal—copies of Malwarebytes for prices that are boldly exaggerated.

scammer selling overpriced copy of Malwarebytes

Others will try and phish you by sending you a confirmation mail of your subscription to Malwarebytes.

phisihng mail saying it's an Order confirmation

And sometimes when you search for Malwarebytes you will find imposters in between legitimate re-sellers. Some even use our logo.

search result for Malwarebytes Premium pointing to an imposter site

In this case, Google warned us that there was danger up ahead.

Google warning for malwarebytes-premium.net

The site itself was not as convincing as the advert, and some poking around in the source code told us the website was likely built by a Russian speaking individual.

source code including Russian error prompt

How to avoid brand scams

It’s easy to see how people can fall for fake brand notices. Here are some things that can help you avoid scams that use our name:

  • Download software directly from our sites if you are not sure of the legitimacy of the ones offered to you.
  • Check that any emails that appear to come from Malwarebytes are sent from a malwarebytes.com address.
  • If you have any questions or doubts as to the legitimacy of something, you can contact our Support team.

We don’t just report on threats—we remove them

Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.

https://blog.malwarebytes.com/feed/

Leave a Reply