Danger #8: ScareWare (Fake Security Programs)

A growing threat to un weary Internet users are fake security and anti-virus programs, also known as ScareWare. This page provides information on how to identify such programs, what they do, and what to do if you install such software.

With Internet users becoming increasingly aware of the threat that viruses worms and trojans pose (mainly due to the publicity given to the Conficker worm), the bad guys have started to switch tactics and have begun using computer user's fears to infiltrate their computers.

Here's what happens: If you visit a website controlled by, or hacked by, one of the bad guys, you may see an image on your screen saying that some sort of infection has been detected on your computer. This image may look like a warning window generated by your operating system (e.g. Windows) just to make it look more legitimate. However, it may also take another form. Whatever it looks like, the aim is to get you to click on it and eventually install some software, or to part with your credit card information in order to later obtain software to eliminate the (fake) infection.

 

We left off with a message appearing on your screen when you visit a website that is run by, or has been hacked by, one of the bad guys, claiming that an infection has been detected on your computer. But what happens next?

Well, depending on the exact nature of the scam, you may be taken to a website that encourages you to buy some software that will remove the infection, or you may be encouraged to download some free software.

If you fall for the scam and buy the software, your credit card information will be in the hands of the bad guys, and will be misused in one way or another.

If you download some software and install it, your computer will be in the hands of the bad guys - you have effectively given them cart blanche to install real viruses, trojans and password stealers to their heart's content.

 

So, how do you differentiate real security software from fake software (ScareWare)?

Well, in general, this type os scam tends to appear most often on websites that are, shall we say, off the beaten track. Never install any software, or buy any software, that is offered by such sites.

However, the same type of advert or pop-up can also appear on legitimate sites hacked by the bad guys. This can make things more difficult. However, keep in mind that any mysterious advert or pop-up window that comes out of nowhere when you visit a website and claiming that you need to buy something or install something is going to be legitimate.

Its too late - I've purchased and or installed some fake security software. Help! What can I do?

Your first task should be to contact your credit card company to block payment on the purchase. You will almost certainly have to cancel your existing card as your details will have been passed on and will be used across the globe by the bad guys, but this is something to talk to your credit card provider about.

The second task is to remove the software and any viruses and trojans that may also have been installed. This could be difficult, because one of the tools in the bad guy's arsenal may prevent or redirect any attempt you make to visit a legitimate security software vendor's website to download updates or real infection removal tools. Ideally, therefore, you should use a recent backup to restore your computer to the state it was before you installed the faker software. You did make a backup, didn't you? No? OK, well, you may be in serious trouble. If you are unable to obtain legitimate security software to scan for an remove any infection you may have to take your computer to your local computer expert to deal with.

Still, try the following:

Trend Micro anti-virus from www.trendmicro.com (a free online scanner is available here )

Norton AntiVirus from www.symantec.co.uk.

 

Advertisement

.

NOTE: What we describe on these pages is merely our opinion of what the most important things you need to know and do in order to keep your Internet experience as safe as possible. You should therefore not treat it as a definitive text on Internet security, nor as being necessarily 100% accurate, but instead simply as a general guide.

Advertisement: Would you like a UK telephone number (including 0207 Central London numbers) that you can divert to almost any telephone number almost anywhere in the world? Click here to find out more.