ARS Technica reports malware makers have gotten more creative to separate you from your hard-earned cash. One of the latest threats is MSIL/Zeven, a piece of malware that auto-detects which browser you're using to imitate a legit-looking malware warning page from Internet Explorer, Firefox, or Chrome, in order to lure you to a page that sells a fake anti-malware solution.
Beyond the warning pages, the actual malware looks like the real deal: it allows you to scan files, tells you when you're behind on your updates, and enables you to change your security and privacy settings. Performing a scan results in the product finding malicious files, but of course it cannot delete them unless you update, which requires paying for the full version. Attempting to buy the product will open an HTML window that provides a useless "Safe Browsing Mode" with high-strength encryption. To top it all off, the rogue antivirus webpage looks awfully similar to the Microsoft Security Essentials webpage; even the awards received by MSE and a link to the Microsoft Malware Protection Center have been copied.
While the malware is a pretty good attempt, it's not perfect. The goal is to get the user to download and install something, shelling out some cash in the process, which neither of the three browser vendors would ever recommend.