As if you don’t have enough to worry about, Symantec announced in a recent press release that cybercriminals are employing increasingly persuasive online scare tactics to convince you to purchase rogue security software. Rogue security software, or “scareware,” is software that pretends to be legitimate security software. These rogue applications provide little or no value and may even install malicious code or reduce the overall security of the computer. Here’s more about what they found.
To encourage unsuspecting users to install their rogue software, cybercriminals place website ads that prey on users’ fears of security threats. These ads typically include false claims such as “If this ad is flashing, your computer may be at risk or infected,” urging the user to follow a link to scan their computer or get software to remove the threat. According to the study, 93 percent of the software installations for the top 50 rogue security software scams were intentionally downloaded by the user. As of June 2009, Symantec has detected more than 250 distinct rogue security software programs.
The initial monetary loss to consumers who download these rogue products ranges from $30 to $100. However, the costs associated to regain ones’ identity could be far greater. Not only can these rogue security programs cheat the user out of money, but the personal details and credit card information provided during the purchase can be used in additional fraud or sold on black market forums resulting in identify theft.
To make matters worse, some rogue security software actually installs malicious code that puts users at risk of attack from additional threats. As a result, installing these programs can lower the security posture of a computer while claiming to strengthen it. For example, rogue programs may instruct the user to lower or disable any existing security settings while registering the bogus software or prevent the user from accessing legitimate security Web sites after installation. This, in turn, leaves users exposed to the very threats the rogue software promised to protect against.
Symantec recommends you invest in only one type of trusted software to combat the rogue security software problem and that you implement the following best practices.
- Avoid following links from emails, as these may be links to spoofed or malicious websites. Instead, manually type in the URL of a known, reputable website. – Never view, open, or execute email attachments unless the attachment is expected and comes from a known and trusted source.
- Be suspicious of any emails that are not directly addressed to your email address.
- Be cautious of pop-up windows and banner advertisements that mimic legitimate displays. Suspicious error messages displayed inside the Web browser are often methods rogue security software scams use to lure users into downloading and installing their fake product.
To help educate yourself and your staff, download a copy of the Report on Rogue Security Software (pdf).