Rogue Anti-Virus Victims Rarely Fight Back

krebsonsecurity writes "One big reason why rogue anti-virus continues to make major bucks for scam artists: relatively few victims ever ask their credit card company or bank to reverse the charges for the phony security software — even when the victims don't even receive the worthless software they were promised. I recently found several caches of data for affiliates of a rogue anti-virus distribution program, and the data showed that in one set of attacks only 367 out of more than 2,000 scammed disputed the charge. A second rogue anti-virus campaign scammed more than 1,600 people, and yet fewer than 10 percent fought the charges."

potential reason to not dispute a charge

I recently had a $10 charge from a company I'd never heard of. Slightly different than this story, it was not from a rogue antivirus, but just a plain-old unauthorized charge (out of the blue). I called my bank to dispute it, but they said I'd need to change my charge number if I disputed it. I decided I'd rather eat the $10 charge, than deal with the hassle of updating my card number (and updating everything that auto-bills it).

"Buyer Beware"

[mcrbids]

Mostly people think that if they get scammed, that they were stupid or suckers and don't want to admit that they were duped. Calling the Credit Card company to reverse a charge for $40 is embarrassing, and they would rather just pay the "sucker tax" than go thru the effort, confusion, and embarrassment of disputing a charge.

And this is true in those cases where they even know they can dispute a charge - how many card holders even know that they can do this? I probably had a card for at least 5 years before I found this out, and I would consider myself somewhat more informed than the average consumer.

I work at a computer repair shop

We see a lot of customers coming in with fake antivirus installed on their machines, and the customers sincerely believed they were purchasing a valid piece of software. I think the largest problem when I see people encountering this scenario, is that typically:

1.) They don't realize they've actually been scammed. Pop ups start appearing on their computer, and they receive an offer to purchase "antivirus" and fix the problem. They now think they're protected, but continue to have problems.

2.) They tried calling Visa/MC/Discover and couldn't convey why they were charged for a bogus product. Some of the "EULA" agreements that come with these fake antivirus products actually state in the fine print that the software product does nothing. People click "OK" on anything, and legally agreed to pay for a piece of software that doesn't do anything.

3.) Don't know how / Don't care. Whatever. Take the computer into a shop and have someone fix it, hopefully $60 of fake antivirus is enough to jog my memory into being a little more careful on the internet.

I've even see plenty of customers willingly disabling antivirus / firewall products because they are "inconvenient" when trying to do other things on the computer. Fake antivirus and antimalware really is quite a genius scam, but it doesn't surprise me that a lot of people lose to it, and rarely ask for their money back. Some of these people don't even know what malware IS.

Re:I work at a computer repair shop

[bendodge]

Hmm, I also work at a local PC repair shop, and I disagree with your assessment of all anti-malware software. Malwarebyte's real-time protection has done wonders for some of my customers. The porno-watchers come in more frequently than anyone else, and one guy in particular was in literally every month. Since selling him a $25 MBAM license we haven't seen him since. Now, that may not appear good for business, but I think that what's good for the customer is usually good for business in the long run.

Now, I agree most anti-malware software is junk. Ad-Aware, Webroot, etc are all quite antiquated, but MBAM is relatively new and is still at the edge of the arms race. When coupled with the latest NOD32, I can usually keep a family PC clean for least a year or more. The problem is when people disable it manually...

related-

[Trailer+Trash]

I once read an article about a guy who "sold" penis enlargement pills through spamming. I put "sold" in double quotes because he said he never shipped a product, and didn't even have any to ship if he wanted to. His reason? "Who's going to call their credit card company and tell them they didn't get their penis enlargement pills that they ordered?"

While not at the same level, I'd hazard a guess that it's the same here.

Many aren't smart enough. Or rather,

[aussersterne]

they don't understand enough about technology / computing to figure it out. I've helped several people with Windows reinstalls (just did it again this weekend, in fact, on a really nice, new Dell laptop that this person was ready to trash and replace after just a year) who fell for this sort of thing and fully thought that through the magic of internets and computers, their "purchase" had done SOMETHING for their computer, but it just wasn't enough to outweigh the terrible destruction already wrought by Teh V1rus!

In this particular case, the person got a fakeAV popup that installed malware that generated popups. This caused him to start searching his email for "antivirus," remembering a SPAM he'd seen, and he ended up with AV fakeware Cc: charges. He didn't actually realize this, assuming that the AV fakeware had silently, invisibly done its best but the original virus was "too strong" (two pieces of malware now spitting popups at an alarming rate and disabling various things) and he went out into Googleland looking for fixes, all of which were no doubt too technical for him and all of which he attempted to follow to a 'T' deleting a bunch of random files from C:\WINDOWS\SYSTEM and C:\WINDOWS\SYSTEM32 in the process and borking his system entirely.

When he came to me saying "So-and-so tells me you can fix computers, so I thought I'd bring mine to you before I throw it out, it's been completely destroyed by a virus..." he was sure that it was all down to the horrible virus he'd "caught" and that he'd been valiantly battling it for a week, rather than single handedly destroying his own Windows install at a record pace.

It was too f'ed up for system rescue, so I just wiped and reinstalled. He was AMAZED that I brought it back to life, and in just an hour or so. He was sure that I was the absolute best virus fighter in the universe. Told me I should go work for the Best Buy Geek Squad (uhh, thanks...) because they need people like me.

It's not that he's a total idiot, but computing in anything but buzzwords and marketing soundbytes remains a specialized set of skills that take time and study (and an awareness of where the right resources can be found) to develop. Most non-geeks just assume it's all due to Teh V1rus!, and the press and their coverage do little to add nuance to this notion, not to mention manufacturers and retailers that are only happy to sell the same person the same system every six months for a fresh $1k after they "got got by Teh V1rus!"

Re:Too busy

[Runaway1956]

I hear the runaround thing. I was looking at one of those federal grant sites some time ago. Had to pay $1 or so to get access to some stuff, so I paid. I THOUGHT that I had read everything, I paid the small fee, downloaded some documents, read them decided the place wasn't what I was looking for. The following month, I had a charge of about $40 on my card.

The credit card company refused to halt the transaction! Utter asswipes! They claim to be concerned with security, but when a customer calls in to say, "I'm being ripped off!", they do nothing.

I got better response from the scammers when I called them. One call was all it took for them to agree NOT to charge me any more.