Methodologies of the RBN - Fake Spyware/Anti-Malware Continued

(Page 2 of 4 )

A tactic frequently used by the RBN is to create websites that offer free online scans of your system or free software that you can download and then use to scan your system. Invariably, this leads to a fake message saying you are indeed infected and that if you want to rid yourself of the infection, you must purchase the full version of their software.

There are several ways the RBN (and others) make money from this scheme. The first way is through direct purchases. Users are prompted to go to a website and pay for the upgraded software. When the user enters the information into the form to purchase the program, they are billed an amount of money (like $19.99), which is really just a bonus for the culprits. What they are really after is two things: the personal and financial data the user enters into their online form, and for the user to run the program on their computer, which no doubt installs additional Trojans, spyware, malware, etc. into the user's system.

To truly see the scope of this issue, one of the websites, malwarealarm.(dot)com, had at one point 2,200,000 visitors in one month. And that is only in the United States. Granted, not every person who visited the site opted for the free scan or purchased software, but if only one percent of the people did, you are looking at 22,000 infected computers/possible stolen identities. And that is from one site.

Below is a list, courtesy of the folks at RBNExploit, showcasing 57 fake Spyware/Malware websites. It goes without saying that you should avoid these sites:

• adprotect(dot)com

• adwareremover2007(dot)com

• antispyzone(dot)com

• antivermins(dot)com

• antiverminser(dot)net

• antiverminspro(dot)net

• antivirgear(dot)com

• antivirusgold(dot)com

• antivirusgolden(dot)com

• bravesentry(dot)com

• drives-cleaner(dot)com

• eprotectpage(dot)com

• magicantispy(dot)com

• malware-alarm(dot)com

• malwarealarm(dot)com

• malwarewipe(dot)com

• sigmacode(dot)biz

• spyaxe(dot)biz

• spydawn(dot)com

• spyheal(dot)com

• spylocked(dot)com

• spysheriff(dot)com

• spy-shredder(dot)com

• spyshredderscanner(dot)com

• spytrooper(dot)com

• spywall(dot)net

• spywarequake(dot)com

• thecleanersystem(dot)com

• thesafebar(dot)com

• thespyguard(dot)com

• virusburst(dot)com

• virusheal(dot)com

• virusprotectpro(dot)biz

• virusprotectpro(dot)com

• virusray(dot)com

• virusrescue(dot)com

• wildgadgets(dot)biz

• windowsafesurf(dot)com

• xmalwarealarm(dot)com

• xspy-shredder(dot)com

• 1stantivirus(dot)com

• Adwarebazooka(dot)com

• adwaredelete(dot)com

• Adwarepunisher(dot)com

• Anti-virus-pro(dot)com

• Hitvirus(dot)com

• Innovagest2000(dot)com

• pesttrap(dot)com

• razespyware(dot)net

• Remedyantispy(dot)com

• Spycontra(dot)com

• spycut(dot)com

• Spydeface(dot)com

• spydemolisher(dot)com

• Spyiblock(dot)com

• spywareno(dot)com

• Virushammer(dot)com

Next: IframeCash >>
 

More Web Hosting Articles Articles
More By James Payne

Comments On: Methodologies of the RBN

· Thanks for reading another part in our series on Internet Crime. In this article we...   >>> Post your comment now!