majithia23 Posted March 16, 2010 Share Posted March 16, 2010 Fake antivirus software is most costly security scam of 2010McAfee reports 400% increase in reported incidents Published: 12:20 GMT, 11 March 2010 Fake antivirus programs that encourage web users to part with their hard-earned cash and download hoax security software is likely to be the most costly scam of 2010, says McAfee. According to the security firm, cybercriminals make upwards of $300m from conning web users worldwide into downloading scareware. The security firm also said it had seen a 660 percent rise in scareware over the past two years, and a 400 percent increase in reported incidents in the last 12 months. Rogue antivirus software given boost by 'tech support' | Fake antivirus makes security vendors look bad: Trend Micro | Chocolate is better than antivirus software in data breach settlement "Even the savviest of computer users fall victim to online threats because cybercriminals have become so sophisticated," said Jeff Green, senior vice president of McAfee Labs. The scareware scam starts with a pop-up that claims the web user's PC is infected with malware and then prompts the user to purchase the fake 'security software' which is actually malware in disguise. Cybercriminals also obtain the user's computer and bank details. "It's an incredibly lucrative business for cybercriminals," added Francois Paget from McAfee Labs. With this in mind, McAfee has launched the Consumer Threat Alerts program that is designed to warn web users about the latest and most dangerous online threats McAfee said subscribers can expect to receive periodic email alerts about how to recognise the latest online dangers and tips on how to stay safe. "We're giving consumers the 'street smarts' they need to live their online lives safely," said Green. "With education and the right technology, we can all play a part in the fight against cybercrime."Fake antivirus overwhelming scannersCriminals look for easy money By John Dunn | Techworld Fake antivirus programs are multiplying at such a rate they could start to overwhelm the detection capabilities of signature-based scanners, the latest figures from the Anti-Phishing Working Group (APWG) have hinted. Rogue or bogus programs passing themselves off as real antivirus software have been one of the malware themes of 2009, but the APWG's numbers for the first half of the year show that the organisation's members detected 485,000 samples, more than five times the total for the whole of 2008. The reason for the growth in numbers is what is known in technical terminology as 'polymorphism', an old defence technique which involves changing the binary checksum of every copy (or download) of a piece of malware. This makes it much more difficult for antivirus programs to detect the programs. Fake antivirus makes security vendors look bad: Trend Micro | Security firm spots 640,000 website viruses | Microsoft free Security Essentials antivirus downloaded by millions | Kaspersky launches antivirus software for Macs "The primary reason for the creation of so many variants is to avoid signature-based detection by legitimate antivirus programs," says PandaLabs' director and APWG member, Luis Corrons in the report. "The use of behavioural analysis is of limited use in this type of malware because the programs themselves do not act maliciously on computers, other than displaying false information." The figures themselves are the good news because each statistic is, by definition, a detected sample. But these are likely to be only a percentage of the true picture. Fake antivirus software can be hard to catch using heuristics because they are often willingly installed by users who think the programs to be genuine, bypassing systems such as Vista's User Account Control (UAC). Elsewhere in the report, the APWG reports a 66 percent increase in infected PCs in Q2 of 2009 form the same period on 2008, to a total of 11.9 million, and over the half the total number scanned. This total includes all types of malware and fake AV will only be a small portion of that, but it demonstrates the scale of the problem. Large numbers of PCs are getting infected either because users have no protection or that software is unable to cope with new malware. Banking and password-stealing Trojans accounted for 16.6 percent of infected PCs during the first half of 2009, downloading Trojans 4.2 percent. According to Corrons, the rogueware business is controlled by up to 200 gangs globally, but 78 percent of the business could be in the hands of a top ten criminal entities.techworld.com Link to comment Share on other sites More sharing options...
*dcs18 Posted March 16, 2010 Share Posted March 16, 2010 McAfee reports 400% increase in reported incidentsI have an explanation for that . . . . . . http://www.nsaneforums.com/topic/42334-what-is-wrong-with-mcafee/ Link to comment Share on other sites More sharing options...
BBs Posted March 16, 2010 Share Posted March 16, 2010 Belive me Fake AntiVirus software are the smallest problem!Why? Coz you know that you are infected and you can do something, it wouldn't be better if you have some hidden malware or spyware!Its always possible to remove them with simple tricks. Link to comment Share on other sites More sharing options...
CODYQX4 Posted March 16, 2010 Share Posted March 16, 2010 Belive me Fake AntiVirus software are the smallest problem!Why? Coz you know that you are infected and you can do something, it wouldn't be better if you have some hidden malware or spyware!Its always possible to remove them with simple tricks.The way the scam operates is irrelevant. If the victim knew the fake AV was malware, they wouldn't fall for the scam. This is for the naive and less tech inclined.(though the way many of these fake AV are named and look, I feel only a moron could fall for)This is more a social engineering kind of thing. Also, it tricks you into giving up your info, instead of searching your PC, blindly hoping to find bank passwords. So in a way, it is worse Link to comment Share on other sites More sharing options...
BBs Posted March 16, 2010 Share Posted March 16, 2010 Sure, but who is still beliving and paying them money? Cmon i played with a lot of that fake avs, most have simple GUIs, only an idiot would....And even if it looks realistic, what do you think how the victim got infected? I bet he was searching in google for Cr@cks... So he would not even pay for that and give them money, he would search in google for a cr@ck for the FakeAv software LMAO :DFact is they are still not nasty as the other malware which are only trying to completely "Kill" your computer.Few days ago, i saw something which locks windows and doesn't let you do anything until you enter the secret password, it only shows a message which says that you have to send to the number xxxxxxxxx a sms in exchange for the password which you need to unlock your windows again.Lets say for normal/advanced users such a FakeAv should not be a big problem, as the fake av authors want your money and they have to let windows run to get your money, you have still control of your machine! Link to comment Share on other sites More sharing options...
majithia23 Posted March 16, 2010 Author Share Posted March 16, 2010 Belive me Fake AntiVirus software are the smallest problem!Why? Coz you know that you are infected and you can do something, it wouldn't be better if you have some hidden malware or spyware!Its always possible to remove them with simple tricks.Belive me Fake AntiVirus software are the smallest problem!Why? Coz you know that you are infected and you can do something, it wouldn't be better if you have some hidden malware or spyware!Its always possible to remove them with simple tricks.The way the scam operates is irrelevant. If the victim knew the fake AV was malware, they wouldn't fall for the scam. This is for the naive and less tech inclined.(though the way many of these fake AV are named and look, I feel only a moron could fall for)This is more a social engineering kind of thing. Also, it tricks you into giving up your info, instead of searching your PC, blindly hoping to find bank passwords. So in a way, it is worseyes ,thats right ...guys just check this link i posted in the jokes section ...fake antivirus even dcs posted it ....it should prove the point .....;) Link to comment Share on other sites More sharing options...
Sl@pSh0ck™ Posted March 17, 2010 Share Posted March 17, 2010 I found the best solution to prevent fake antivirus infection, it's called Common Sense v1.1 :) Link to comment Share on other sites More sharing options...
majithia23 Posted March 17, 2010 Author Share Posted March 17, 2010 Sure, but who is still beliving and paying them money? Cmon i played with a lot of that fake avs, most have simple GUIs, only an idiot would....And even if it looks realistic, what do you think how the victim got infected? I bet he was searching in google for Cr@cks... So he would not even pay for that and give them money, he would search in google for a cr@ck for the FakeAv software LMAO :DI found the best solution to prevent fake antivirus infection, it's called Common Sense v1.1 :):yes:.but as BBs puts it , " he would search in google for a cr@ck for the FakeAv software" the moron who will be affected , would be in a serious need of updating his common sense engine :lmao: Link to comment Share on other sites More sharing options...
CODYQX4 Posted March 17, 2010 Share Posted March 17, 2010 Sure, but who is still beliving and paying them money? Cmon i played with a lot of that fake avs, most have simple GUIs, only an idiot would....And even if it looks realistic, what do you think how the victim got infected? I bet he was searching in google for Cr@cks... So he would not even pay for that and give them money, he would search in google for a cr@ck for the FakeAv software LMAO Fact is they are still not nasty as the other malware which are only trying to completely "Kill" your computer.Few days ago, i saw something which locks windows and doesn't let you do anything until you enter the secret password, it only shows a message which says that you have to send to the number xxxxxxxxx a sms in exchange for the password which you need to unlock your windows again.Lets say for normal/advanced users such a FakeAv should not be a big problem, as the fake av authors want your money and they have to let windows run to get your money, you have still control of your machine!Some of them do annoying things like lock out regedit and taskmgr, or cause your PC to crash every so often (not sure if this is on purpose or just badly designed). But I definitely see a lot of people get the Fake AV infection by downloading something (my brother DL'd a video converter tool that came with a Fake AV trojan), but they are in two situations:1. They have enough common sense (which has nothing to do with tech knowledge, you should know when someone is blatantly trying to rip you off) or 2. They don't have credit cards or anything to give the FakeAV in the first place. Link to comment Share on other sites More sharing options...
Skunch Posted March 19, 2010 Share Posted March 19, 2010 This is The Internet; Only the strong survive. Link to comment Share on other sites More sharing options...
HX1 Posted March 19, 2010 Share Posted March 19, 2010 LOL.. Like an AV called Malware... LOL anyway.. I am actually posting because I can't take it anymore.. Please fix the Topic Title .. the word sacm.. should be scam.. too long..LOL Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.