Symantec has warned that millions of computer users have been duped in to installing fake security software on their machines.
Some cyber criminals are earning more than £750,000 each year from the scams, which see computer owners tricked in to downloading and installing fake antivirus software on to their machines, believing they’re protecting their PC from hackers.
In fact, the downloaded software often provides cyber criminals with a “back door” in to the machine, which they can access remotely, while the transaction process itself means that a computer user has unwittingly shared their credit card details with fraudsters.
Security experts at Symantec estimate that around 40 million people worldwide have fallen victim to these scams in the last year. The firm has identified more than 250 versions of this software, known as “scareware”.
Symantec said that scareware vendors go to great lengths to initimidate and trick web users in to purchasing this malicious software. They use pop-up adverts, designed to look exactly like legitimate alert messages from reputable antivirus companies, to lull web users in to a false sense of security. These boxes often appear when users switch between programs and websites, warning the user that their computer has been compromised and is at risk unless they immediately install tools to protect it.
“Lots of times, in fact they’re a conduit for attackers to take over your machine,” said Vincent Weafer, Symantec’s vice president for security response.
Security experts have warned computer users not to buy antivirus or security software from unsolicited pop-up adverts, but to ensure that they buy such programs directly through the official website of antivirus companies, or on CD from their local computer shop.
Scareware sellers use pop-up adverts deliberately designed to look legitimate, for example, using the same typefaces as Microsoft and other well-known software providers.
They appear, often when the user is switching between websites, and falsely warn that a computer’s security has been compromised.
If the user then clicks on the message they are directed towards another site where they can download the fake anti-virus software they supposedly need to clean up their computer – for a fee of up to £60.
Con Mallon, from Symantec, told the BBC the apparent fix could have a double impact on victims.
- Similar posts
- Clampi virus on the loose (56.7%)
- Facebook a trojan playground? (33.1%)
- Microsoft Security Essentials final version released (29.1%)
- New email cyber attack detected (27.6%)
- Self destructing email software (15.7%)
- Internet explorer to automatically update (15.7%)
- Microsoft April patchday notes. (11.8%)
2 Responses to “Scareware installs fake software and raids your bank account”
Leave a Reply
You must be logged in to post a comment.
April 28th, 2010 at 4:59 pm
Fake anti-virus software that infect PCs with malicious code are a growing threat, according to a study by Google.
Its analysis of 240m web pages over 13 months showed that fake anti-virus programs accounted for 15% of all malicious software.
Scammers trick people into downloading programs by convincing them that their PC is infected with a virus.
Once installed, the software may steal data or force people to make a payment to register the fake product.
“Surprisingly, many users fall victim to these attacks and pay to register the fake [anti-virus software],” the study said.
“To add insult to injury, Fake anti-viruses often are bundled with other malware, which remains on a victim’s computer regardless of whether a payment is made.”
May 24th, 2010 at 11:02 pm
An internet firm linked to many of the internet’s criminal gangs has been shut down.
The US Federal Trade Commission said Belize-based 3FN aided gangs that ran botnets, carried out phishing attacks and traded in images of child abuse.
The servers and net hardware of 3FN have been seized and are due to be sold off as the firm is dismantled.
The operators of 3FN must also pay back $1.08m (£750,000 ) they are reputed to have made by hosting criminal sites.