Sunday, September 2, 2012

Fake antiviruses

Basic description

Fake antivirus software is a scam commonly used by malicious software creators in order to sell fake security software to unwitting victims. The scam will typically involve a webpage or pop-up that informs the user they have viruses or other malware on their computer, even though they do not. It then offers to clean the infection. When the user opts to clean up, they are required to pay to obtain a version of the fake software that will perform the cleanup. After the victim pays, the software may or may not cease the fake warnings.



Technical detail

Fake antivirus, also known as rogue antivirus or scareware, is one of the leading ways for malicious hackers to make money from unsuspecting Internet users. The fake antivirus software typically warns the user that they have various fictional security threats present on their computer. The warnings themselves are false but they are often backed up by believable descriptions of the supposed malware.


When the user chooses to remove the threats, they are asked to purchase or register the product and are taken to a website that will process the payment details.
The webpages that users are taken to may look like one of these:


Fake antivirus is spread using a variety of methods, all designed to draw an unsuspecting user into installing the software.

Email and messaging
Criminals send spam email and social network messages with the software installer attached, using a social engineering lure to persuade the recipient to open the attachment. Common lures include tax refund information, package delivery notifications or pictures of topical news stories.

Search engine poisoning
Hackers create pages related to common or topical search terms and design them to appear high in search engine results. This makes it likely that people will encounter the page during their usual search activity. The webpages may either display warnings about infection that encourage the user to purchase the fake antivirus, or they download a video player which is actually the fake antivirus installer.

Compromised websites
Cybercriminals often break into other websites in order to spread their software, relying on the site's popularity to draw innocent users. The hackers will then install extra code into the compromised pages, again with the goal of either displaying fake security warnings or exploiting a browser vulnerability to install their software directly. Cybercriminals will often combine these techniques to increase the effectiveness of their fraud.

The fake antivirus software makers use a variety of names for their software to make it appear legitimate. Examples of these names include:
AntiSpywarePro
Antivirus Plus
Antivirus Soft
Antivirus XP
Smart Internet Protection
Security Defender

Some will also steal the names of legitimate security software.
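
For defenders, the email delivery route and the product names described above can be turned into a simple mail triage check. The following is an added example, not part of the original article: the regexes, the extension blocklist and the helper names triage and sample are assumptions, and the messages it builds are constructed test data.

```python
import re
from email import message_from_bytes, policy
from email.message import EmailMessage

# Lure themes named in the article; the regexes themselves are assumptions.
LURES = {
    "tax refund": re.compile(r"tax\s+refund", re.I),
    "package delivery": re.compile(r"(package|parcel)\s+delivery|delivery\s+notification", re.I),
}
# Names the article lists. A weak signal only: some rogues reuse legitimate names.
ROGUE_NAMES = ["AntiSpywarePro", "Antivirus Plus", "Antivirus Soft",
               "Antivirus XP", "Smart Internet Protection", "Security Defender"]
EXEC_EXT = (".exe", ".scr", ".com", ".pif", ".bat", ".msi")  # assumed blocklist
DECOY = re.compile(r"\.(pdf|doc|jpg|zip)\.[a-z0-9]+$")  # e.g. form.pdf.exe

def triage(raw):
    """Return a list of findings for one raw RFC 5322 message (bytes)."""
    msg = message_from_bytes(raw, policy=policy.default)
    body = msg.get_body(preferencelist=("plain", "html"))
    text = (msg["Subject"] or "") + "\n" + (body.get_content() if body else "")
    findings = [f"lure:{k}" for k, pat in LURES.items() if pat.search(text)]
    findings += [f"rogue-name:{n}" for n in ROGUE_NAMES if n.lower() in text.lower()]
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        data = part.get_payload(decode=True) or b""
        if name.endswith(EXEC_EXT):
            findings.append(f"executable-attachment:{name}")
            if DECOY.search(name):
                findings.append("double-extension")
        elif data[:2] == b"MZ":  # PE header behind a harmless-looking name
            findings.append(f"disguised-executable:{name}")
    return findings

def sample(subject, body, filename=None, payload=b""):
    """Build a constructed test message; nothing here is real mail."""
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = "sender@example.com", "user@example.com", subject
    m.set_content(body)
    if filename:
        m.add_attachment(payload, maintype="application",
                         subtype="octet-stream", filename=filename)
    return m.as_bytes()

if __name__ == "__main__":
    stub = b"MZ" + b"\x00" * 16  # constructed stand-in for an installer
    print(triage(sample("Your tax refund is ready", "Open the attached form.",
                        "refund_form.pdf.exe", stub)))
```

A lure finding together with an executable or disguised attachment is the combination worth quarantining; a name match on its own is only a hint.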

Article Source
