A new rogue has started making its appearance from compromised websites: Rogue:MSIL/Zeven.

Let us say from the beginning that the guys behind this rogue like to copy big-time. They start by auto-detecting what browser the user is currently using, and then faking the malware warning page if the browser is Internet Explorer, Chrome, or Firefox. This is meant to be a social engineering scheme in order to trick the user into downloading and installing the rogue, relying on the userís trust of his day-to-day browser.

The similarity between the fake warning pages is so accurate that it can trick even highly trained eyes



More here: Rogue:MSIL/Zeven wants a piece of the Microsoft Security Essentials pie - Microsoft Malware Protection Center - Site Home - TechNet Blogs