Halloween is months away, but many of your customers are being plagued by ‘scareware’ daily in the form of fake security software. Google recently completed a study providing data that fake security software accounts for a staggering 15% of malware found on the web. Symantec discovered similar data in that 43 million users downloaded rogue security applications from June 2008 through June 2009. Because the United States is the prime target for this type of malicious activity, your customers are included in the pool of affected users. Fake goods are no longer just made in China.
What is Fake Security Software?
Fake security software usually arrives in the form of some sort of panic-inducing flashing sign or pop-up indicating that a computer is infected with a virus or security threat. This is often coupled with an out-of-control scanning utility that tries to coerce the user into believing that his computer is swarming with viruses, and those viruses need to be instantly removed. Added to the already induced hysteria is a link to a website or download that can ‘clean’ the computer of the security vulnerabilities.
This type of rogue software looks 99% authentic, causing most users to immediately enter payment information to download anything that is going to protect their precious memories of Field Day with the kids. Even Mac users are not exempt from these types of attacks, as many of them are partaking in cloud computing and often store personal information in various online platforms. With the installation of the rogue software, it is possible for personal information to be compromised, in addition to a sharp decline in computer performance.
How to Spot a Fake
Fake security software perpetrators are very clever, and the applications can almost go unnoticed because users don’t recognize the tell-tale signs. Most users will be unsuspecting of the fake pop-ups and warnings because of the advanced techniques that are being used to mimic many reputable security applications. The Windows Update process is openly exploited in various fake security applications as many users tend to immediately act upon updates and security alerts that are provided by Microsoft.
Most fake security software has alerts that seem unfounded. A user may have completed his anti-virus software scan and completed the latest round of Windows updates, but there’s a little flashing neon sign in the notification area emblazoned with a “Your computer is infected’”moniker. The excessive scanning that often accompanies the installation of the fake security software is also a glaring sign that the software is an impostor. There may also be poor grammar or wording contained within the fake security software that may alert your customers that Hooked on Phonics apparently didn’t work for the perpetrator.
Preventing Malicious Attacks
Your customers will be the first line of defense in preventing their computers from being compromised with fake security software. Many will need to tame their index fingers and not click on every pop-up ad that advertises security software as this is often the initial lure into the download. Web browsers and operating systems will need to be updated regularly, preferably as soon as new updates become available. Your customers will also need to ensure that they are using and scanning their computers with reputable anti-virus and anti-spyware/malware applications that are also current. Firewalls are another preventive measure in combating attacks.
How Can You Help?
Educating your staff on how to provide assistance to your customers in spotting fake security software and prevention can ease many minds and shed the anxiety of your customers’ computers being attacked. If your customers do become infected with fake software, provide solutions on how to remove infections and reference materials so that your customers don’t experience a ‘drive by’ download again.
If you’d like to share additional tips on fake security software, please feel free to leave a comment below.