Fake antivirus is by no means a recent phenomenon. In fact, it has been around for ages, with the first documented instance of fake antivirus reportedly dating back to 1989. Of course, it has become much more widespread over the past few years. But in case you needed reminding that rogue antivirus software continues to be a threat, security firm Websense has just the reminder for you.
We’ve all seen scareware in action: that especially annoying type of malware that pops up thousands of windows, each shrieking OH NO YOUR COMPUTER HAS UMPTEEN MILLION VIRUSES and extolling users to purchase fake antivirus software (using a credit card, of course). Real antivirus programs like Symantec’s Norton line are designed to ferret out malicious programs like that and kick them to the curb. However, one unhappy user claims that Symantec’s nothing better than a scareware-peddling scammer itself, and he’s slapped the company with a class-action suit for falsely pushing its wares.
The price of a fake security software program usually hovers between $30 and $100. But the hidden costs seem to be greater. Installing rogue security software can not only wreck the system but it also makes the owner vulnerable to identity theft. Deceptive ads linking to rogue software appear on both malicious and legit sites. Cybercriminals are also using search engine optimization (SEO) and social media tricks to ensnare even more people.
You know spyware and virus, malware and DDOS, Trojan of horse fame, phishing and worm. But do you recall the brand-newest threat of them all? (apologies to Johnny Marks). Well, the Federal Trade Commission does: it's called "scareware," and late last week, the FTC slammed two of the biggest scareware providers with an asset freeze and a temporary injunction.
What is "scareware?" Arstechnica.com's report explains it thus:
Scareware-selling companies would contract with reputable websites to display advertisements on behalf of other reputable companies, but would poison the ads in question. Once clicked, visitors were actually redirected to a vendor-controlled website, which would then "scan" their computer and amazingly enough, find evidence of damage or infection. Cue the appropriate links, websites (just $39.95), and a few minutes later the result is one scammed customer who has just paid good money for nothing. The thieves, meanwhile, earn extra points if they manage to nick a credit card number in the process.
Some typical examples include Antivirus XP, DriveCleaner, and WinFixer. Drop by the Trend Micro blog for an animated portrayal of a typical Antivirus XP attack, which includes a replacement desktop wallpaper with no way to change it and a scary-looking fake BSOD screensaver.
To learn more about the baddies behind Antivirus XP and its ilk, and to learn how to clean up after scareware, join us after the break.