Scareware rise heralds step change in cyber crime

[nsane.forums]

Fake anti-virus or 'scareware' scams could be netting cyber criminals over £850,000 a year, as the business of online criminality becomes evermore organised, according to new research by security giant Symantec released today.

The vendor's interim threat report found that the scams, which involve tricking users into believing their computer is infected, and then peddling fake anti-virus products to 'address' the problem, are becoming increasingly widespread as criminals seek to cash in on the public's fear of internet threats.

Symantec said that it has uncovered 250 separate scareware programs through its analysis, and that the creators distribute the rogue software via an affiliate-based pay-per-install model.

Top scammers using this model could earn as much as £70,000 a month, and around 93 per cent of scareware downloads are done so deliberately by the victims, said Symantec.

The scammers have refined their sites to make them appear more credible, and bogus anti-virus products are commonly launched at the same time as those from legitimate security vendors, further boosting the chances of duping their victims.

David Wall, professor of criminal justice and information society at Leeds University, argued that the coming-of-age of scareware marks "a step change in cyber crime".

"The model has a history that goes back six years, but it seems to have come out of nowhere this time," he said. "It lives in the borders of illegality and is being done quite professionally now. The look and feel of this stuff is often like that of a major supplier."

Wall added that the amounts that individual victims end up paying the fraudsters are so small that the crime is frequently overlooked by law enforcers.

More joined up police work nationally and internationally would help law enforcers to get a better idea of the scale of the phenomenon, according to Wall, and possibly force them to take a harder line against scareware scammers.

View: Original Article

[CODYQX4]

I still maintain that you have to be an idiot to the degree of infinity to buy "Super Antivirus XP 2009 Ultimate", especially when it says it won't remove the viruses until you pay, and it surfaces the EXACT time you get infected.

And the software looks like total crap, why wouldn't a person buy something they heard of?

I have seen these infections several times, but no victim dumb enough to buy it.

[Bizarre™]

Instead of harassing the pirate community, they should concentrate more on these criminals.

[CODYQX4]

Instead of harassing the pirate community, they should concentrate more on these criminals.

They love to attack the easy target. Most of these "criminals" exist in places like Nigeria, where it is not illegal to scam, and is encouraged in some places to take money from more powerful nations. Some governments may even be responsible.

[HX1]

Well the sad thing is that in many cases these lines get blurred due to individuals using the exploit to infect..for instance bad Keygens and even installers for valid software.. I used to call the particular type of threat they mention as adware.. yo get some form of ad.. and it winds up to be malware.. All the while stating that there are free scans.. or updates available through a scan.. even to fix PC errors.. and usually oddly enough these can wind up at the top of the list in many cases on the search page..

Its like a crooked cop looking for job security.. yet creating the crime then offering the resolution for a price.. Personally I see no difference between this and a hostage negotiation..

[CODYQX4]

Well the sad thing is that in many cases these lines get blurred due to individuals using the exploit to infect..for instance bad Keygens and even installers for valid software.. I used to call the particular type of threat they mention as adware.. yo get some form of ad.. and it winds up to be malware.. All the while stating that there are free scans.. or updates available through a scan.. even to fix PC errors.. and usually oddly enough these can wind up at the top of the list in many cases on the search page..

Its like a crooked cop looking for job security.. yet creating the crime then offering the resolution for a price.. Personally I see no difference between this and a hostage negotiation..

I call it extortion, and as far as bad keygens, I can only think of one that I got that was actually infected. It worked, but deleted one of your registry hives "HKCR", making you unable to launch applications, therefore making a OS reinstall mandatory. I would say rogue AV is getting more common than infected cracks, but I only DL from trusted sources and not some random search in LimeWire.

[Bizarre™]

I only DL from trusted sources and not some random search in LimeWire.

Indeed, but just to be safe I always execute any unknown program in a virtual environment ;)

[CODYQX4]

I only DL from trusted sources and not some random search in LimeWire.

Indeed, but just to be safe I always execute any unknown program in a virtual environment

I just reimage my PC every 10 days !

But not because of viruses, I just like to tweak until I either reach perfection or break everything

[HX1]

If you have Limewire installed.. I feel for you and hope you the best.. I won't even keep the program in archive..Extortion would be more precise ( unless you look at in a Blue-Collar light ) .. But yeah there are a lot of changes that have taken place over the years.. When I first started using a computer .. Heavily... they were in everything.. Now they still are yet steps have been to properly remove infected uploads which contain exploits.. There are sites that now exists that contain only that... This sort of thing i the article has been around forever.. in fact there even used to be an infection that render pop-ups which would connect to an Apache server.. and it would pop-up a window which said your PC had become infected .. click OK to clean the system and it took you right to the software to buy it..and you could not get rid of the thing.. I mean I truly believe in the method of learning on your own how to remove these things, where the threats come from .. in a thorough manner .. but I still don't think the innocent should be PWNED in this manner.. if you get what I mean..

I only DL from trusted sources and not some random search in LimeWire.

Indeed, but just to be safe I always execute any unknown program in a virtual environment

I just reimage my PC every 10 days !

But not because of viruses, I just like to tweak until I either reach perfection or break everything

LOL...:lmao: .. Seriously though .. that not really good for your hard drive... Yo should do a backup of your registry once you get to a place where its like you want it.. do no installations or changes after that point.. and if something goes wrong restore it..

[Bizarre™]

I use FrostWire, and I only run it for rare music :rolleyes:

[jtmulc]

I still maintain that you have to be an idiot to the degree of infinity to buy "Super Antivirus XP 2009 Ultimate"

[CODYQX4]

I still maintain that you have to be an idiot to the degree of infinity to buy "Super Antivirus XP 2009 Ultimate"

There's a lot of people's Mums & Dads online. I taught mine to look out for this kind of crap, but most people don't have a geek in the family.

I didn't mean to offend anyone, but a product with that kind of name just sounds absolutely fake, regardless of any technical knowledge.

[manpe]

Believe me, it doesn't sound fake to novices. We tend to believe that everybody is as informed as we are, when in truth the number of uninformed and uninterested internet users is far greater... they have heard about needing to have an antivirus, why not try out an Ultimate Antivirus for XP which was made in 2009 and which so generously offers to clean your computer... Sounds tempting and legit even if you don't think so.

To a novice, NOD32 sounds even more suspicious... nod what?

[CODYQX4]

Believe me, it doesn't sound fake to novices. We tend to believe that everybody is as informed as we are, when in truth the number of uninformed and uninterested internet users is far greater... they have heard about needing to have an antivirus, why not try out an Ultimate Antivirus for XP which was made in 2009 and which so generously offers to clean your computer... Sounds tempting and legit even if you don't think so.

I agree, but most people I see get infected don't directly DL and install that AV, rather they go to a website that drive-by-downloads and installs the AV, or, in the case of my little brother, get it in the form of a trojan (he wanted a video converter so he could play stuff on his PSP, but it was a trojan that installed the extortionware).

I haven't seen anyone seek out these fake AV by name, they usually get lead to it. I know it happens, but I see more people get infected by other means than directly choosing the fake AV and willingly installing it.

[DKT27]

I know I'm goin a bit off topic, but the software that was to first one to successfully remove fake/rogue Antivirus XP 2008, Antivirus 2009 and Spyware Protect 2009 was/is MalwareBytes Anti Malware.