Print 56 comment(s) - last by SpaceJumper.. on Oct 22 at 4:58 PM

Scareware threat continues to rise, with security experts attempting to do everything they can to limit the damage

Security company Symantec disclosed that online criminals are cashing in by scaring PC users into downloading exploited anti-virus software.

In the past 12 months, more than 40 million people across the world have been tricked into installing 'scareware' software.  Specifically, criminals trick PC users into downloading a piece of software -- anti-virus and anti-spyware are two popular program types -- that are malicious pieces of software so they are able to acquire credit card information and other sensitive information.

In addition, some criminals create pop-up alerts telling PC users they face a serious risk, then offer fake anti-virus software that can be used to clean up the computer.  The catch?  The software costs money, and users still end up being compromised by the fake software.

"Obviously, you're losing your own hard-earned cash up front, but at the back end of that, if you're transacting with these guys online you're offering them credit card details, debit card details and other personal information," Symantec employee Con Mallon told BBC.  

The 43 million were victims of the scareware threat from July 2008 to June 2009, when researchers began collecting information.

The overall threat of identity theft and bank fraud continues to increase as criminals use more sophisticated techniques to compromise PC users.  Furthermore, even more people around the world are now using the Internet to view bank information, pay bills, and shop online.

Cracking down on criminal enterprises tends to be extremely difficult, with many organized hacker groups operating in Eastern Europe, China, North Korea, and other locations in which it is difficult to identify suspects.

Comments     Threshold

This article is over a month old, voting and posting comments is disabled

Threats are real
By really on 10/20/2009 1:06:54 PM , Rating: 2
This is actually a serious problem. I work in IT and have had to remove some of these programs from peoples computers and it is both time consuming and in many cases an effort in futility as they tend to require a rebuild of the computer. The software is very aggressive and hard to remove due to a watcher program that remains hidden and will reinstall all the software once it is reconnected to the network. Finding and removing the service can be difficult and is a waste of resources that could be used for other projects. Even if you remove the program successfully you have no idea if a rootkit was installed and by the time most users report the issue sensitive information my have already been compromised.

Anyone who says Symantec or any other AV software use scare tactics have no idea what they are talking about. The threats out there are real and without the services of legitimate AV software these viruses would run unchecked and many more people would become victims.

RE: Threats are real
By mechBgon on 10/20/2009 3:59:15 PM , Rating: 2
Step one: switch your users to low-rights accounts.

Step two: if your version of Windows can do Software Restriction Policy, throw that on in disallowed-by-default mode as well.

RE: Threats are real
By tmouse on 10/21/2009 8:18:27 AM , Rating: 2
It depends where you work. In many academic environments you cannot control the systems or lock things down. Also as mentioned earlier many legitimate sites now accept ads, that they have no control over, which could be infected. A multi layered approach is necessary. That requires a solid firewall, network monitoring for compliance and if possible locking the system as much as possible. Even then at best all we can do is try to minimize the damage and downtime.

RE: Threats are real
By mechBgon on 10/21/2009 11:48:51 AM , Rating: 2
Also as mentioned earlier many legitimate sites now accept ads, that they have no control over, which could be infected.

It won't matter, if you follow the steps I just gave. I used to hunt scareware every day in the wild, and I know what works as prevention. Nothing is more powerful than making it impossible for your non-Admin (or something exploiting their session) to execute the Trojan in the first place.

In many academic environments you cannot control the systems or lock things down.

My sister's a librarian at a local university and they've made the leap. No more rogue user-Admins messing things up, that's IT's exclusive turf now. I do pity the people who can't use non-Admin accounts due to uncooperative software.

RE: Threats are real
By SpaceJumper on 10/21/2009 8:27:53 PM , Rating: 1
I agree 100%. The problem lies between the seat and the keyboard.

RE: Threats are real
By tmouse on 10/22/2009 9:37:55 AM , Rating: 1
Being a librarian at a local university and researchers at major academic institutions are two completely different worlds. Universities make a lot of money from grant overhead (70% +), If you try to force rules on them they will walk and take the money with them. This can affect the bottom line and effect endowments. Some places have been successful in enforcing some restrictions many have not. I do not know of any that have limited software installation on research boxes (academic freedom can cause a lot of unwanted difficulties). It's simply not the same as a business. Limited rights are good measures but they are not a cure all, how do you know the software you get is clean? You rely on the duplicators or online distributers use of AV programs. I've seen some very sophisticated attacks that reside in caches that are allowed on networks and can infect machines doing permitted program installations. A multi tiered approach is ALWAYS the best, and one should never totally rely on any one method, but we have to balance security with convenience. Telling people to ignore AV is simply bad advice.

"I'm an Internet expert too. It's all right to wire the industrial zone only, but there are many problems if other regions of the North are wired." -- North Korean Supreme Commander Kim Jong-il

Most Popular ArticlesAre you ready for this ? HyperDrive Aircraft
September 24, 2016, 9:29 AM
Leaked – Samsung S8 is a Dream and a Dream 2
September 25, 2016, 8:00 AM
Yahoo Hacked - Change Your Passwords and Security Info ASAP!
September 23, 2016, 5:45 AM
A is for Apples
September 23, 2016, 5:32 AM
Walmart may get "Robot Shopping Carts?"
September 17, 2016, 6:01 AM

Copyright 2016 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki