backtop


Print 56 comment(s) - last by SpaceJumper.. on Oct 22 at 4:58 PM

Scareware threat continues to rise, with security experts attempting to do everything they can to limit the damage

Security company Symantec disclosed that online criminals are cashing in by scaring PC users into downloading exploited anti-virus software.

In the past 12 months, more than 40 million people across the world have been tricked into installing 'scareware' software.  Specifically, criminals trick PC users into downloading a piece of software -- anti-virus and anti-spyware are two popular program types -- that are malicious pieces of software so they are able to acquire credit card information and other sensitive information.

In addition, some criminals create pop-up alerts telling PC users they face a serious risk, then offer fake anti-virus software that can be used to clean up the computer.  The catch?  The software costs money, and users still end up being compromised by the fake software.

"Obviously, you're losing your own hard-earned cash up front, but at the back end of that, if you're transacting with these guys online you're offering them credit card details, debit card details and other personal information," Symantec employee Con Mallon told BBC.  

The 43 million were victims of the scareware threat from July 2008 to June 2009, when researchers began collecting information.

The overall threat of identity theft and bank fraud continues to increase as criminals use more sophisticated techniques to compromise PC users.  Furthermore, even more people around the world are now using the Internet to view bank information, pay bills, and shop online.

Cracking down on criminal enterprises tends to be extremely difficult, with many organized hacker groups operating in Eastern Europe, China, North Korea, and other locations in which it is difficult to identify suspects.



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

Millions of PC Users Tricked by Scareware
By Amiga500 on 10/20/2009 10:38:48 AM , Rating: 5
Yeap...

And Symmantec probably are world leaders in scare tactics.




By imaheadcase on 10/20/2009 10:47:54 AM , Rating: 5
No kidding. A report on bad stuff on the internet by them is basically screaming "buy our crap, so you don't get more crap".


RE: Millions of PC Users Tricked by Scareware
By Spivonious on 10/20/2009 10:47:09 AM , Rating: 3
Symantec doesn't have the best products, but this "scareware" threat is very real. I'd say 4/5 computers I fix have some sort of fake anti-virus solution installed which is malware itself. And they are a pain to get rid of.


RE: Millions of PC Users Tricked by Scareware
By SpaceJumper on 10/20/09, Rating: 0
RE: Millions of PC Users Tricked by Scareware
By The0ne on 10/20/2009 11:27:52 AM , Rating: 2
That makes no sense at all. You're assuming you're going to get a virus and won't be able to do anything about it and thus have to rely on reinstalling Windows? Do yourself a favor and install a anti-virus to cover you 99% of the time. The other 1% is to not install or visit suspicious programs and websites. Why install an anti-virus, because not only Windows files can be affected :o Go ahead and reinstall Windows, only to find it'll become infected again from the files on your PC locally.

This isn't news, website anti-virus protection scams have been around for ages. This is usually how people who don't know any better and/or are too frighten to make good decisions will get their PC infected. The other are from kids playing web games which does essentially the same thing.


By GaryJohnson on 10/20/2009 12:56:03 PM , Rating: 2
quote:
The other 100% is to not install or visit suspicious programs and websites.

Fixed that for you.


RE: Millions of PC Users Tricked by Scareware
By SpaceJumper on 10/20/2009 2:59:22 PM , Rating: 1
5 years ago, my computer was infected and it was running Norton Anti-virus, and because I was using Windows Explorer and Norton did not have the definition for that virus.
Reinstalling Windows is easy anyway. What really bugged me is the Windows updates, updates and updates....
Personally, I like to reinstalling Windows one or two times a year to keep my computer at top notch anyway.
Now, I am free from computer problems and keeping the money in my pocket for something else.


RE: Millions of PC Users Tricked by Scareware
By Motamid on 10/20/2009 5:38:22 PM , Rating: 2
You are assuming that the worst case scenario is that your computer will be disabled by the virus. The most malicious virus's however, would much rather go unnoticed while they collect your passwords and credit card numbers. If these become compromised, you're going to have to do much more work than just reinstall windows.

Anti-virus software can't always fix everything, but it will usually at least be able to spot a malicious program if not remove it. If it is money you are concerned about, go with something free like AVG Free.


RE: Millions of PC Users Tricked by Scareware
By SpaceJumper on 10/20/2009 8:43:15 PM , Rating: 1
Now I understand the scare tactic really works. I think your computer is now infected with anti-scareware. As long as you are happy with the scareware or anti-scareware, that's all it matter.


RE: Millions of PC Users Tricked by Scareware
By tmouse on 10/21/2009 7:36:14 AM , Rating: 3
Tell us how you know your computer is virus/trojan free? So what you are really telling us is if your computer is not so contaminated that it begins to run slow or crashes you are "free" of infestation. One of the most foolish responses I have ever seen. I hope you are too young to own credit cards or at least do not buy anything online. Its fools like you that cost everyone money when their information gets stolen and the card companies do not make people like you pay the resulting bills.


By SpaceJumper on 10/22/2009 4:58:40 PM , Rating: 2
I don't have to because I know it from the fresh Windows installation. I am not the person who worry about nothing. I am very fortunate to saved up enough money by not spending money on scareware and to be able to move up to the latest and greatest Windows 7 and Mac. I am not the person who click yes to everything on the screen and worry about it later. I also have n+1 or redundancy system that meantime between failure is next to nil.
I spend my life living, not worrying about nothing.


RE: Millions of PC Users Tricked by Scareware
By randomposter on 10/20/2009 11:30:30 AM , Rating: 2
You must not value your time very highly.

For me to reinstall Windows, reinstall all my software, and get all my settings back where I want them is at least a day of my time. I have better things to do with my life than go through that headache several times per year.


RE: Millions of PC Users Tricked by Scareware
By enlil242 on 10/20/2009 11:49:21 AM , Rating: 2
Three words, "Acronis True Image." Usually can find it on SALE for about $30... Or "Drive-Image" for that matter. I've used both and can have my PC back to a pristine state in 20 minutes... "An ounce a prevention..."


RE: Millions of PC Users Tricked by Scareware
By PhoenixKnight on 10/20/2009 12:33:53 PM , Rating: 2
Or you can install AVG antivirus for $0 and not have to worry about re-imaging the drive. How well does Acronis True Image protect against trojans and malware that steal your passwords and personal information, by the way?


RE: Millions of PC Users Tricked by Scareware
By enlil242 on 10/20/2009 12:55:06 PM , Rating: 2
To each their own. I do not prescribe to false senses of security, when I can prevent things from happening on my own. My computing activities do not take me to the "red light districts" of the web, so I don't need to carry a rubber... Good luck with AVG, if you are careless, you will certainly need it.

I will note that I do use Win Patrol... That is the only utility that I use...


RE: Millions of PC Users Tricked by Scareware
By PhoenixKnight on 10/20/2009 2:29:01 PM , Rating: 2
I have been to completely legit sites, including Anandtech among others, with infected banner ads that have been caught by AVG. In fact, most of the viruses I've come across were from ads legit sites. Admittedly, though, in the rare instances where I did visit "red light districts", I was getting warning after warning from AVG.

AVG is useful for catching anything that slips through, but, strangely enough, the thing I've found to be most effective at preventing infections is actually Adblock Plus. Simply installing Adblock on computers that get constantly infected brought the number of infections to virtually zero.

I have switched over primarily to Linux for the past year-and-a-half, so between careful web browsing and an OS that's unaffected by almost all malware out there, I don't worry about malware at all anymore. I use Windows 7 for gaming, but little else, so I haven't even bothered to install an antivirus at all.


By enlil242 on 10/20/2009 2:40:45 PM , Rating: 2
Tracking cookies from affiliate links will often generate alerts from some AV solutions. Doesn't mean they are bad, but more of a "here's what just happened" message. Although they are a source of revenue on most blog sites, I rarely click on banner ads...

Like I said in another post, to each their own. I find that WinPatrol and being mindful of what I am doing is enough for me. Plus I ALWAYS have a full backup image of my C drive... "just in case."


By Villains on 10/20/2009 2:59:12 PM , Rating: 2
Except most people use their computer for more than just checking the weather.

How old are you? 60?

Thats like saying, i dont need condoms because i only sleep with chicks who are disease free or virgins.

Not using AV is a dumb idea regardless what your thoughts on the matter are.

And reformatting a PC takes longer than a hour or 2. Unless like i said, all you have ever done is check the weather on your PC and never installed a single thing.


RE: Millions of PC Users Tricked by Scareware
By enlil242 on 10/20/2009 12:56:16 PM , Rating: 2
Also, I doubt your free program will restore your computer if your hard drive crashes, whic for me, is more likely to happen...


By tmouse on 10/21/2009 8:00:11 AM , Rating: 2
That's not what it is supposed to do. It's a free antivirus program. You use them both if necessary. Your re-image program is only as good as the date of your current image. Every time you add ANY file you better have a backup or else you will lose that information. There are very few things that are designed to crash a computer outright. Those that do are not really a threat since they cannot propagate well. It's usually a combination that accidently causes the problem. If you save images regularly they could be infected as well and just need a co-infection to cause a problem (your half way there). Even AV programs are not fool proof but at least offer some notice. If you install an infected program win patrol will not help at all since you are already giving permission for the install. Many trojans either gain exceptions or piggy back on legitimate communications to get the information out after they are in place. Hard drives should rarely crash, if that is "more likely to happen" you probably already have corrupted images.


By DatabaseMX on 10/20/2009 3:18:41 PM , Rating: 2
I agree 110%. This is an excellent product, which I have been using since its inception. TI has saved my butt several times, in one way or another, as well as friends and business associates.

I do a Full System Backup 1x/week using True Image Workstation Echo.

If a hard drive fails or your system gets hosed by malware (et.al), you put in a brand new hard drive out of a box, boot up the the CD Rom rescue disk, point to the location of your backup (ext USB drive, network, etc) ... and Restore! What you get is a 1 to 1 exact image of the point you last backed up. Zero to reinstall per se.

One of my son's business laptop was hosed up by some malware that we couldn't get rid of last year around xmas. We put in a new drive, did the restore from a month old backup ... maybe 2 hours total time ... and back in action. Note that he backs up more often now, lol.

I've been using http://www.resolutionsmsp.com for 4 years now with zero issues or infections, etc. This is superior to anything Symantec will ever have.

mx


By tmouse on 10/21/2009 7:42:59 AM , Rating: 2
SO how do you know when to reimage? When your system crashes? Meanwhile any file you give to others is probably infected. I have nothing against Acronis (I use it) but in no way, shape or form is it a substitute for a AV program. People with that type of mentality are a part of the problem we have today. It the same line of thinking as we do not need food sanitation laws since we have anti-diarrheal drugs.


RE: Millions of PC Users Tricked by Scareware
By ExarKun333 on 10/20/09, Rating: 0
By UNHchabo on 10/20/2009 1:16:25 PM , Rating: 2
Or you can have a decent antivirus program, and reinstall Windows twice a year.

Antivirus programs don't have that much overhead anymore; I have a WD640 Black, which is still one of the fastest 7200rpm hard drives on the market. Even still, my P4 never goes above 3% utilization during file transfers or other I/O-heavy activity that would make my antivirus program do a real-time scan.

There's no reason to run without at least a free AV program.


By Maiyr on 10/21/2009 9:18:58 AM , Rating: 2
You consider "2x a year, for a couple hours, to reinstall Windows is a piece of cake" regular maintenance ? I am going to have to assume this is a joke or an attempt at sarcasm.


RE: Millions of PC Users Tricked by Scareware
By jonmcc33 on 10/20/2009 4:57:12 PM , Rating: 1
Won't harm it? They are designed to steal information from your computer and send that info to remote servers. Hence spyware. The obvious fools give them their credit card info anyway.

If that's not harm then I don't know what is. Maybe you don't have a job or any credit cards.


RE: Millions of PC Users Tricked by Scareware
By SpaceJumper on 10/20/2009 9:07:22 PM , Rating: 1
When you are doing banking for example, the web browser software is running on its own memory space. It can not be infected.
To get your info, the bad webpage exploits the vulnerability of the web browser and changes the link in your bookmark and redirects you to a temporary fake webpage and steals your info. Anti-virus software cannot really stop that. That called phishing.
Good luck with your scareware, anti-scareware, or anti-virus or whatever you want to call it. Remember do not give your info to a fake webpage, from email or a look alike webpage. You can also look into the source code of the webpage to identify it or you can monitor your 2^16 ports in your computer.
Are you scare? Halloween is comming soon. Scare tactic really works.


RE: Millions of PC Users Tricked by Scareware
By tmouse on 10/21/2009 8:08:02 AM , Rating: 3
That is phishing, but phishing is not the only way. Ever heard of keystroke loggers? There are many trojans that monitor your system for fields like logon, password, paypal ect. They store the information and send it out to remote servers later. Then there are the ones that simply stay dormant until they are instructed to send DDOS attacks. Nothing is 100% effective, but using that as a reason to have no protection is stupid plain and simple.


RE: Millions of PC Users Tricked by Scareware
By SpaceJumper on 10/21/2009 4:57:29 PM , Rating: 1
I don't see how you can do that unless you are giving Windows permission to install that piece of malicious software in your computer. I agreed that people do all the time by just clicking yes to everything. That's the different issue, because it is not Windows issue. If you know how do to that you should send the source code to Microsoft and let them verify it.
The risks of catching one is very rare now a day. It is the same for MAC versus Windows. MAC is way more vulnerable than that of Windows but the risk of exploitation is very slim.
Is it just your scare tactic? Could you name the malicious piece that can do what you said?


RE: Millions of PC Users Tricked by Scareware
By tmouse on 10/22/2009 9:21:18 AM , Rating: 2
How do you know if anything you install is infected? If you install anything you give permission, if one or more files are infected your system gets infected. There have been many cases of "trusted" files accidently getting infected prior to going online and being made available before being caught. There have even been cases of gold versions of programs being infected before duplication. Fortunately there have not been many cases of that with the advent of AV programs. Some worms just need to get inside of your firewall and wait until you install something and piggyback on the installation, they can live in your browser cache, (by definition you give your browser permission to create files there, some will auto flush other do not that's how many browsers "speed up" browsing by storing pages on your computer.

quote:
The risks of catching one is very rare now a day


I'm not sure what planet your living on with that statement.

quote:
It is the same for MAC versus Windows. MAC is way more vulnerable than that of Windows but the risk of exploitation is very slim


I have no real evidence that the Mac is "way more vulnerable than that of Windows" and I seriously doubt you do, it IS less of a target due to a combination of a smaller installation base and Apple is not as disliked as Microsoft, currently.


By SpaceJumper on 10/22/2009 11:29:27 AM , Rating: 2
Now I realized that scare tactics, paranoia, imagination, and assumptions are very effective marketing tool for selling the anti-something software(s).


By SpaceJumper on 10/22/2009 4:39:29 PM , Rating: 2
Good computer Halloween story. Good job!!!


RE: Millions of PC Users Tricked by Scareware
By kattanna on 10/20/2009 10:52:32 AM , Rating: 3
aye.. i cant tell you how many times i have had someone bring my their personal computer because it was seriously infected.. to find.. norton internet security installed and of course the trial period over.

all too often they are lulled into a false sense of security because some AV product was installed when i bought it they tell me.

so i first clean the system.. remove the norton crap, and then install AVG or some similar free AV for them.


By damianrobertjones on 10/20/2009 10:56:42 AM , Rating: 2
Trouble with free AV, like Avast and AVG, is that it FAILS.

Two machines in the last few weeks both arrived with Super Anti Virus 2010 installed. A rootkit, rampaging around the system.

Installed Microsoft Essentials and that removed the rootkit and viruses. At one point, avast blared a warning, "A virus has been detected" Ohh, really? Thanks for telling me.

Pretty much all of them are dropping the ball and it's windows that gets the blame as no user wants to admit that it's their fault. Ever.


By kattanna on 10/20/2009 11:29:53 AM , Rating: 2
its true that any AV can fail, having an active free one though is better then an expired non free one.

how much so? LOL that all depends on the user


By enlil242 on 10/20/2009 11:59:59 AM , Rating: 2
LOL, stop downloading porn viewers... ;)

Trust me, I know the types of users in my organizations that get regular viruses... I get the reports. They are either downloading warez or porn... simple as that. OR they are really stupid and click on the link in a bogus email.

People this dumb deserve the headaches and costs for a geeksquad member to come out and repair their PCs...

Sorry, but this subject really T's me off sometimes and the AV companies are making millions off of people's laziness and stupidity.


RE: Millions of PC Users Tricked by Scareware
By enlil242 on 10/20/2009 11:45:59 AM , Rating: 2
I do not run ANY AV on my computer. I just don't do STUPID things that would infect my PC. If people were just careful and think before clicking, there would be no need to run AV products...


By Hakuryu on 10/20/2009 1:24:53 PM , Rating: 2
I build PC's, have been a web programmer, Access/Visual Basic/C++ programmer, worked in QA for a medical software company, and have been using computers since about 1983 (TRS-80 Color Computer 2). I'd say I'm pretty savvy when it comes to PC's, and yet I've had a few worms and viruses hit me.

Once I was searching for some help with a game, and found a site that looked legit - normal URL with nothing strange about it, text in the Google search screen that pertained to the issue... but when I went there, virus popup alert from Bitdefender. I was saved that time, but earlier using Norton I got hit by the Code Red worm and other viruses it didn't catch.

Sure if you only visit sites you know, you may be safe, but sooner or later you are going to want to look something up and will find yourself going to sites that look legit, but may not be. I'll gladly pay $19.99 a year for BitDefender to save me from having to reinstall Windows or spend hours trying to remove a problem.


By Bytre on 10/20/2009 5:46:39 PM , Rating: 2
That attitude is so 2006. A couple years back, you could be safe by not opening attachments and not visiting shady sites, but the malware market has exploded. Its not kids looking for net fame, its organized crime.

Legitimate websites are getting compromised, and not just mom and pop sites. Earlier this year, eWeek and other ziff-davis websites were serving up malware through the ad exchange - if you think your habits will protect you, you'd better be on an OS and browser which doesn't pay to be exploited.

Symantec's consumer software has gotten pretty good over the last couple years. I use a few different packages from different vendors on different machines at home and at work. Most of the top tier ones detect pretty much the same stuff, but there's the occasional threat which one vendor detects and another doesn't. Symantec is the lightest for a desktop though, and well worth using after rebate.


By aebiv on 10/20/2009 1:16:04 PM , Rating: 2
I agree completely... They're just starting to feel some heat from ESET and others that have a far more effective scanner.


"We basically took a look at this situation and said, this is bullshit." -- Newegg Chief Legal Officer Lee Cheng's take on patent troll Soverain











botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki