Print 56 comment(s) - last by SpaceJumper.. on Oct 22 at 4:58 PM

Scareware threat continues to rise, with security experts attempting to do everything they can to limit the damage

Security company Symantec disclosed that online criminals are cashing in by scaring PC users into downloading exploited anti-virus software.

In the past 12 months, more than 40 million people across the world have been tricked into installing 'scareware' software.  Specifically, criminals trick PC users into downloading a piece of software -- anti-virus and anti-spyware are two popular program types -- that are malicious pieces of software so they are able to acquire credit card information and other sensitive information.

In addition, some criminals create pop-up alerts telling PC users they face a serious risk, then offer fake anti-virus software that can be used to clean up the computer.  The catch?  The software costs money, and users still end up being compromised by the fake software.

"Obviously, you're losing your own hard-earned cash up front, but at the back end of that, if you're transacting with these guys online you're offering them credit card details, debit card details and other personal information," Symantec employee Con Mallon told BBC.  

The 43 million were victims of the scareware threat from July 2008 to June 2009, when researchers began collecting information.

The overall threat of identity theft and bank fraud continues to increase as criminals use more sophisticated techniques to compromise PC users.  Furthermore, even more people around the world are now using the Internet to view bank information, pay bills, and shop online.

Cracking down on criminal enterprises tends to be extremely difficult, with many organized hacker groups operating in Eastern Europe, China, North Korea, and other locations in which it is difficult to identify suspects.

Comments     Threshold

This article is over a month old, voting and posting comments is disabled

RE: Threats are real
By mechBgon on 10/21/2009 11:48:51 AM , Rating: 2
Also as mentioned earlier many legitimate sites now accept ads, that they have no control over, which could be infected.

It won't matter, if you follow the steps I just gave. I used to hunt scareware every day in the wild, and I know what works as prevention. Nothing is more powerful than making it impossible for your non-Admin (or something exploiting their session) to execute the Trojan in the first place.

In many academic environments you cannot control the systems or lock things down.

My sister's a librarian at a local university and they've made the leap. No more rogue user-Admins messing things up, that's IT's exclusive turf now. I do pity the people who can't use non-Admin accounts due to uncooperative software.

RE: Threats are real
By SpaceJumper on 10/21/2009 8:27:53 PM , Rating: 1
I agree 100%. The problem lies between the seat and the keyboard.

RE: Threats are real
By tmouse on 10/22/2009 9:37:55 AM , Rating: 1
Being a librarian at a local university and researchers at major academic institutions are two completely different worlds. Universities make a lot of money from grant overhead (70% +), If you try to force rules on them they will walk and take the money with them. This can affect the bottom line and effect endowments. Some places have been successful in enforcing some restrictions many have not. I do not know of any that have limited software installation on research boxes (academic freedom can cause a lot of unwanted difficulties). It's simply not the same as a business. Limited rights are good measures but they are not a cure all, how do you know the software you get is clean? You rely on the duplicators or online distributers use of AV programs. I've seen some very sophisticated attacks that reside in caches that are allowed on networks and can infect machines doing permitted program installations. A multi tiered approach is ALWAYS the best, and one should never totally rely on any one method, but we have to balance security with convenience. Telling people to ignore AV is simply bad advice.

"We are going to continue to work with them to make sure they understand the reality of the Internet.  A lot of these people don't have Ph.Ds, and they don't have a degree in computer science." -- RIM co-CEO Michael Lazaridis

Most Popular ArticlesAre you ready for this ? HyperDrive Aircraft
September 24, 2016, 9:29 AM
Leaked – Samsung S8 is a Dream and a Dream 2
September 25, 2016, 8:00 AM
Yahoo Hacked - Change Your Passwords and Security Info ASAP!
September 23, 2016, 5:45 AM
A is for Apples
September 23, 2016, 5:32 AM
Walmart may get "Robot Shopping Carts?"
September 17, 2016, 6:01 AM

Copyright 2016 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki