Skip to content

Don’t be duped by fake anti-virus software

by Neal O'Farrell on September 28th, 2011

A recent study by researchers at the University of California at Santa Barbara found that just three of the many vendors of fake antivirus software made more than $130 million between them in less than 18 months.

Fake antivirus software is a very dangerous double-whammy for victims because not only are victims tricked or forced into paying for security software that doesn’t work, their computers are vulnerable to other attacks because they may not have any virus protection in place at all.

So how does fake antivirus software make it on to your computer?

  • You visit a compromised web site that has the fake antivirus software loaded on it and ready to infect any visitors. This approach usually takes advantage of users who don’t patch their computers often enough.
  • You click on an email attachment that in turn launches the software.
  • You click on a pop-up warning that tells you your computer is infected and advises you to install the security software.
  • Your computer is infected by and enlisted to a botnet, a network of compromised computers under the control of hackers.

The researchers managed to break into the servers of some of the criminal organizations that sell this software, and got insider knowledge of just how complex and rewarding these scams can be.

One group they tracked managed install fake software 8,403,008 times, which resulted in 189,342 users being tricked into paying for the software.

A second criminal group installed their software 6,624,508 times, tricking 137,219 victims into purchasing the software over an eight month period. And a third group sold nearly 2 million fake software licenses and netted more than $116 million in the process.

Lessons learned?

  • If you get a warning from a web site that your computer has a virus, ignore it. Use whatever anti-virus software you already have on your computer to scan for any malware.
  • Always keep your computer up-to-date with the latest patches.
  • Be very wary of links from friends on Facebook – they’re often used to spread fake antivirus software.

From → Uncategorized