Symantec Report On Rogue Security Software

Symantec
Report on Rogue Security Software
Symantec Security Response
October 19, 2009

Scareware
A new generation of organized criminals are earning almost three times the weekly salary of the President of the United States through a low-risk, fast-growing online scam
Scareware – also known as fake security software– trick people into downloading them, often through unfamiliar websites. Scammers rely on fear tactics and other social engineering tricks to dupe users into purchasing and installing fake security software
Scareware often looks like legitimate security software. It tries to convince you that your computer is at risk and then pressures you to purchase software that won’t actually protect you and won’t remove threats from your computer.

What Can Scareware Look Like?

Fat Cat Cybercriminals Are Growing Rich By Scareware Franchising
The sale and distribution of scareware uses an affiliate-based business model, similar to buying a well-known high street franchise business. Some distribution sites offer their affiliates incentives in the form of bonuses for a certain number of installs as well as VIP points and prizes such as electronics and luxury cars
Scarewarescammers are paid every time they trick someone into installing the fake security software, and commissions are greater for installs of software that also contain malicious code

Why Is Scareware a Threat?
Scareware doesn’t protect against security threats, but people who download it believe their computers are now clean and protected
Scareware may actually install malicious code
Scareware scammers may use the personal information provided by the victim to purchase the fake security software to commit fraud, including identity theft
Scareware can weaken a computer’s security by instructing the user to disable legitimate security software in order to register the fake product. It may also prevent the user from accessing legitimate security websites

How Can ScarewareGet On Your Computer?
Cybercriminals rely on classic social engineering technique – F.U.D. – to dupe users into purchasing and installing rogue security software
Ads for scareware are found on both malicious and legitimate sites
Links to scareware sites may be distributed in spam email or in comment spam
Computer users who might be searching for removal tools to get rid of a threat on their computer may actually come across search results for removal tools that are actually fake security software

Don’t Let ScarewareHappen to You
Don’t open suspicious emails or attachments
Don’t respond to emails that ask for personal info
Use an up-to-date security solution purchased from a reputable vendor through a reputable channel
When asked to “allow” or “deny” an application access to the Internet, always deny unless you’re absolutely confident the site it is accessing is authentic and safe
If you’re on a wireless network, secure it with a password and don’t allow unknown computers to access your home network
Use strong passwords with a combination of letters and numbers. Change it regularly
Don’t give your credit card details to unsecured sites. Look for https:// at the top of your browser and the padlock symbol on the bottom right-hand corner of the screen
Use a website rating service, which can tell you if a site poses a risk before you visit it
Review your bank and credit card statements regularly for suspicious transactions
For more information on cybercrime and how to protect yourself, visit www.everyclickmatters.com

What Else Do We Know About Scareware?
To date, Symantec has detected more than 250 distinct fake security software programs
Symantec estimates that the initial monetary loss to consumers who downloaded and purchased these fake products during this reporting period ranged from $30 to $100
Among the distribution sites Symantec observed for this report, the highest payouts to affiliates for installations by users were in the United States, where payouts averaged $0.55 per installation
One distribution site observed by Symantec, TrafficConverter.biz, purported to have its top affiliates earning as much $23,000 per week for installing and selling security risks, including fake security software programs, onto people’s computers
During this reporting period, Symantec received reports of 43 million fake security software installation attempts from the 250 unique programs identified
The top five reported fake security applications observed by Symantec during this reporting period were, in order, SpywareGuard 2008, AntiVirus 2008, AntiVirus 2009, Spyware Secure, and XP AntiVirus
Of the top 50 reported fake security applications during this reporting period, 61 percent of the scams observed by Symantec were attempted on users in North America

http://www.minornotes.com	137
http://minornotes.com	21
http://translate.googleusercontent.com	1

Symantec Report On Rogue Security Software

by Symantec

Accessibility

Categories

Upload Details

Usage Rights

3 Embeds 159

Statistics