There are many virusses on the Internet. When I started working at the university in late 1988, there were only 4 computer virusses in the entire world. In April 2008, the “1 million” mark for virusses was passed, and we are fast approaching the 2 million mark in October 2011.
With that sort of threat hanging over every computer user’s head, scammers play on the resulting paranoia and general ignorance of the average computer user and have created what we call “scareware”.
Scareware is when a programmer or company creates a substandard antivirus program, (for example WinAntiVirus) and then create websites that bring up fake pop-up ads that show fake alerts about problems on users’ hard drives – for example, “You have 284 severe system threats.” These ads prompt customers to download a free trial of this software or pay a fee for the software. Once installed, the trial versions pump yet more ads into the user’s web browser, pestering people to shell out the full price. It is very ironic, scareware exploits consumer fears of viruses in order to spread what was, in effect, another virus – and the victims pay for the privilege.
Scareware, has become the Internet’s most virulent scourge. By 2009, an average of 35 million computers were being infected by scareware every month, according to a study by software developer Panda Security. “Scareware is still the most promising way of turning compromised machines into cash,” says Dirk Kollberg, a senior threat researcher at security firm Sophos. The problem is this method is very effective. IMI a clandestine operation that creates a lot of scareware is rumoured to have made upwards of $3.96 million per year in pure profit!
So, how do you know the difference between your legitimate anti-virus application and scareware? After all, you don’t want to ignore a legitimate warning message.
First and foremost, get back to basics…
Know what anti-virus or protection software you have installed on your computer.
The scam artists are counting on you not remembering what protection you’ve installed on your computer. Know the name of the software manufacturer (Symantec, TrendMicro, McAfee, etc.) and know the name of the product (Norton Internet Security, PC-cillin, Total Protection, etc). These products also come with a subscription for updates. Know how to find the subscription information so you can verify when the subscription expires.
Some of the scareware pop-up messages appear to be generated from the Windows Security Center. The Windows Security Center is part of Windows. Its purpose is to monitor the status of the presence of an anti-virus application or when the Windows Firewall is turned off. Essentially, the only legitimate messages you will receive from the Windows Security Center are warnings as to the absence of an anti-virus application or warning that your Windows Firewall has been turned off. You can recognize any fake “Windows Security Center” pop-up messages if there is a warning stating that there are infections on the system or if there is an inducement to download or purchase a product.
Unfortunately, if these scareware messages start popping up on your computer it means that your computer is already infected. If you click the pop-up message to purchase the software, a form to collect payment information for the bogus product launches allowing you to download and purchase the fake anti-virus product. But, that is not when your computer gets infected. In most instances, the scareware installed malicious code onto your computer before you saw any pop-up messages… whether you click the warning message, the purchase pop-up form, or not.