What would you do if a warning suddenly flashed on your screen that your computer had been compromised?
Such warnings are becoming increasingly common and they’re probably all fakes. They tell users that their computer is infected by a virus or at risk of being infected. They’re usually accompanied by an offer to “clean up” the security problem. Just click on this link, pay a small fee, and your troubles will disappear...
Er – no, actually. Clicking on that link will start a whole new series of problems. What it will do is allow the installation of malware on your computer. You’ll get a message saying everything is now tickety-boo, but instead your computer will now be sending back personal information to a cybercriminal. If you bank online, they could get your account details and your password. They could be reading all the files on your hard drive, or they could even use your computer to distribute spam.
This kind of malware is known as ‘scareware’. It plays on people’s fears and offers a quick solution to a “problem” that almost certainly doesn’t exist. Security software maker Symantec has highlighted this phenomenon in its Report on Rogue Security Software.
According to the study, 93% of the software installations for the top 50 rogue security software scams were intentionally downloaded by the user. As of June 2009, Symantec had detected more than 250 distinct rogue security software programs.
“The initial monetary loss to consumers who download these rogue products ranges from $NZ35 to $NZ120,” Symantec says. “However, the costs associated to regain one’s identity could be far greater. Not only can these rogue security programs cheat the user out of money, but the personal details and credit card information provided during the purchase can be used in additional fraud or sold on black market forums,
resulting in identify theft.
“To make matters worse, some rogue security software actually installs malicious code that puts users at risk of attack from additional threats. As a result, installing these programs can lower the security posture of a computer while claiming to strengthen it.”
Rogue security software is advertised through a variety of means, including both malicious and legitimate Web sites such as blogs, forums, social networking sites, and adult sites. While legitimate Web sites are not a party to these scams, they can be compromised to advertise these rogue applications.
Rogue software is well disguised, to look like legitimate software, and cybercriminals even use legitimate credit card payment systems.
To avoid getting caught by rogue security software, you should install and use a genuine security product and beware of pop-up alerts and banner adverts that mimic legitimate displays. Avoid following email links to Web sites and never open attachments in emails that are unexpected or from unknown sources.