Someone sent me this link today to GreenBorder’s online desktop testing platform. While it’s a great idea to give people the tools necessary to test for the relative security of their system I always find it amusing that we tell people “Download an executable from the internet and run it to test if you’re secure or not.” Not only that, the site doesn’t use SSL, and they aren’t exactly the best known website in the world.
Then if you look at the source of the HTA file you find this tidbit:
// Be informed that the only reason that the source code is compressed is to easily get through AVs.
// You can retrieve the whole uncompressed source code at http://www.greenborder.com/test/gbtest.zip
Getting around AV? Are these the words of a security company? Because people know how to compare the two to make sure they are running the same thing?
Yes, they are a real security company, and no, this isn’t malicious. I’m just always amazed at how security people think consumers are dumb for clicking through security boxes when we ask them to do it all the time. How hard do you think it would be to create a site that did the exact same thing? I bet the phisher’s version of the site would end up with a lot more excitement as your bank account gets siphoned. Just think of it as the Internet Roller coaster.