Monday, February 21, 2011

Scareware Be Very Scared!

One of the most common problems I have had to deal with in the last year is fake anti-virus programs.  These programs usually claim your computer has a large number of infections and of course require the user to pay for the “program” before the infections are removed.  These programs usually come with some fancy names and very professional interfaces.  Even most professional will have trouble determining from the name or interface if the program is indeed a fake.  For example check out the screen shot of an anti-virus program below:
Antivirus Pro 2010
This program (Antivirus Pro 2010) is actually a virus!  And of course it claims your computer is infected by multiple viruses.  And last but not least in order to remove these viruses you need to pay for the program!  Oh, and do not forget it can spy on you as well!  Try uninstalling it?  Forget it!  Some of these programs take extreme measures to be removed!
It is worth noting that not all these programs are viruses, some of them are simply shoddy anti-virus apps that do not work or do work well.  Malicious fake anti-virus programs usually have a multi-faceted approach:
  • Mask and hide the real virus while trying to give the users a sense of security.
  • Download and install additional viruses onto the user’s computer.
  • Remove another company’s or malicious user’s viruses
  • Require the user to pay to remove the supposed viruses.
  • Spy on the user and steal any valuable information.
Some of the trouble stems from the fact that users do not know what anti-virus program (if any!) is protecting their computer.  Do you know what is protecting your computer?  Hopefully it is not one of the programs on Wikipedia’s list: http://en.wikipedia.org/wiki/List_of_rogue_security_software!  Generally, how a user gets one of these programs is by browsing the web and clicking a popup that states that their computer is infected.  Naturally the user immediately becomes concerned and likely will click on the option to “clean computer” or some other such wording.  Before clicking on any such warnings, the user needs to make sure that the warning is actually coming from the anti-virus program installed on the computer!  Most importantly NEVER click on anything shows up as a popup in a web browser that says your computer is infected.  If you are not sure if the popup is valid or not; I would suggest closing the popup window and opening up your anti-virus application.  If the concern was valid you should see a warning; if not, you can always run a virus scan just to be sure!  Just to note, make sure you read any messages that popup in a web browser carefully, sometimes by clicking the wrong option the malicious program will automatically be installed!
Spyware Protect 2009
Above is an example of a popup in Internet Explorer, the site that Internet Explorer is attempting to load is actually microsoft.com.  In this case neither choice is a good option, and attempting to close the browser window would be the best bet.

No comments:

Post a Comment