Free PC Security: Biggest Security Threat - Scareware
May 12, 2009

Rogue security programs, also known as 'scareware', have become the biggest security threat facing internet users.

In the last six months of 2008 the number of these fake applications rose from fewer than 3,000 in July to over 9,000 in December, and they continue to increase, with regular name changes and new domains.

The simplest method of infection is via a 'drive-by' download: simply visiting an infected site that hosts the malware is enough to trigger a backdoor download of which the user will be completely unaware.

Users often then get a popup on their screen telling them either to update their antivirus software or that their computer is at risk, followed by a fake scan of their drive. This is a simulation, NOT a real scan.

The popups are very similar to Windows security warnings, as is the warning shield in the System Tray.

Users who fall for this pay around $49.99 for the program and believe that it will remove all threats from their PC.

After installing the software, users will find that it does not update and does not remove anything. The few variants that do remove files usually remove essential Windows files, which can render the PC useless as it will not boot.

Other variants hijack the Hosts file and users find that their searches are redirected.

For the cybercrooks it is big business, and their fake programs appear in many searches for antivirus and antimalware programs because they pay for 'keywords' to ensure that their fake program appears in 'Sponsored Listings'.

They will also use 'black-hat' SEO techniques, as with the Conficker worm and programs that appeared with 'fixes'.

They are also appearing on the major download sites as 'safe' downloads which have been 'tested', as well as being sold through hundreds of affiliates who do not care what the program does or does not do; all they see is commission for each sale.

Users who purchase the fake application will NEVER get a refund from the company they purchased it from, and in most instances payment is made via credit card, leaving users at a higher risk of Identity Theft and Fraud.

Through hijacked Hosts files users are redirected to other search engines which have been set up by the criminals, and the results will lead to further malicious sites that are created purely to distribute malware, infect users' machines again or defraud the user.

Many of the malicious sites will require users to download a 'missing codec' or 'plugin' which is yet another worm or trojan and will add to the user's problems rather than help to solve them.

It's not just on the internet anymore, as the criminals have also set up companies to call landlines and cell phones claiming that they are working alongside the user's ISP and are aware that the user's computer has problems that they can fix easily.

Cyber-crime is big business and very well organised. What originally started as a small scale scam to defraud users has become a very lucrative business for the crooks behind the scareware.

So downloading from well known and legitimate sites no longer guarantees that the program is what it claims to be.

Educating users about these scams and fake applications is not an easy task, and for many who are not 'web savvy' it is easy to be lured into a false sense of security, and the crooks prey on users' fears.

Any site that prompts users to download missing 'codecs' or 'plugins' is generally an infected site, and the user should close all open browser windows through Task Manager: press Ctrl + Alt + Del, click on your browser (e.g. iexplore.exe or firefox.exe) and click End Process, or simply hit Alt+F4 to close open browsers.

All users should have one good antivirus program installed along with two antimalware programs, one for realtime monitoring and one for manual scanning; updating them regularly is essential.

Threatfire free is a useful addition which will monitor for new attacks as well as 'zero-day' threats using its ActiveDefense technology and should be used alongside an existing antivirus program.

The biggest threat on any computer is the user not being aware of what they are doing, the actions they have taken and the remedies to apply should they become infected.

In the A - Z Index you will find many useful free programs covering antimalware, antivirus, Hosts, firewalls and basic steps to security.

If you encounter a problem, seek professional advice; do NOT download anything that promises a 'quick fix'.

Make use of the WOT addon for Internet Explorer and Firefox; it will warn you of many of the dangerous sites, as they are quickly rated when found.

If you find one that has not been rated or you feel is suspicious, then please take it into the WOT Forum and it will be dissected.