Rogue Internet Security Scammers Costing Consumers Big Bucks
(Page 1 of 2 )
Even if you consider yourself an experienced Internet user, well-versed in all of the scams that plague the ‘net and well aware of all of the risks taken by those who carelessly use unauthorized sites, you may want to reconsider your safety. This is especially true as online scams become more convincing and harmful.
According to the FBI, rogue antivirus programs have raked in more than $150 million for scammers, and that's because these programs are incredibly deceitful and difficult to spot as fake. Let's take a look at how they work and what you can do to stay safe.
How They Work
According to Computer World, tech savvy scammers have learned to mimic the appearance of anti-malware warnings from popular browsers, and thousands of Windows users have been duped into downloading fake security software. The problem has become so severe, actually, that the FBI's Internet Crime Complaint Center recently issued a warning about these fake antiviruses, urging Internet users to be wary of sudden pop-up windows that report security problems on their computers.
This information was made public thanks to Symantec, a world leader in Internet security and anti-spyware products. Symantec researcher Parveen Vashishtha wrote a blog post about the problem entitled "Misleading Apps Push Browser Security Update Trick," in which he reveals that "several malicious websites are displaying phony versions of the alerts that Google's Chrome and Mozilla's Firefox present when users encounter pages suspected of hosting attack code."
The way legitimate alerts work is that they simply warn users that the page they're about to visit may be dangerous, but sham versions feature a prominent message suggesting that the computer user download a costly browser security update. Keep in mind that there are no legitimate browsers available that offer security updates from their anti-malware warning screen, so if this happens to you, consider it a major red flag, and a scam.
As mentioned previously, these are called rogue antivirus programs, but many have taken to calling them "scareware" because they scare people into paying money to fix the problem. If a user accepts the update, they end up downloading fake software that bombards them with endless fictitious infection warnings until they shell out the $40 to $60 to purchase the useless program the alert says will fix the problem.
When purchasing this bogus software, you're not only losing money, but putting your computer in danger as well. According to The IC3, which is run in partnership with the National White Collar Crime Center, the software is sub-par at best, and at worst, "it could result in viruses, Trojans and/or keyloggers being installed on the computer. The assertive tactics of the scareware [have] caused significant losses to users," the IC3 said.
According to Microsoft Security, rogue security software has also been known to report a virus, even though the user's computer is actually virus-free. Conversely, the software might also fail to report viruses when your computer is actually infected. Even more sneaky and in line with what IC3 pointed out, the rogue security software is also capable of installing a virus or other malicious software on a user's computer so that the software has something to detect.
According to the Windows Security blog, rogue security software might also:
- Use social engineering to steal your personal information.
- Install malware that can go undetected as it steals your data.
- Slow your computer or corrupt files.
- Disable Windows updates or disable updates to legitimate antivirus software.
- Prevent you from visiting antivirus vendor Web sites.
"Malware authors are employing innovative social engineering tricks to fool users -- it's as simple as that," Vashishtha wrote in the Symantec blog. "Even the cautious can be nailed by these sites. Users who refuse the mock updates are assaulted by a multi-exploit toolkit that includes attack code for 10 different vulnerabilities in Windows, Adobe Reader, Internet Explorer, and Java. Windows PCs that have been kept up-to-date with bug patches will be immune from the exploit kit, however."
Next: The Business of Scamming >>
More Web Hosting How-Tos Articles
More By Joe Eitel
