Web-Users Fall For Fake Anti-Virus Scams
jhernik writes "Fearing their computers may be prone to viruses, many web-users download fake anti-virus software, only to find later that their bank details have been hacked. According to the latest research by GetSafeOnline.org, the UK's national internet security initiative, a rising number of organised criminal gangs are tricking security-conscious internet-users into purchasing anti-virus software to access their bank details. Posing as legitimate IT helpdesks, these fraudsters target internet users concerned about protecting their computers. By offering free virus checks, they normally tell consumers that their machines are infected and offer fake security software protection – usually costing around £30 – which is actually malicious software in disguise." The fact that there is such a thriving market for fake AV scams really says something about the present state of the legitimate AV market.
Nerds of the world, it is time to unite around a new cause. It is time to write, and release, a new virus that relies on a series of incredibly stupid attack vectors - the kinds of attack vectors that only a clueless dipshit would actually fall for. The virus has only one simple payload: it uninstalls all network drivers on the machine.
After several trips to get their machine "repaired," these folks will either wise up, or give up.
Who wants to join the crusade?
If libertarians are so opposed to effective government, why don't they all move to Somalia?
cue /. superiority complex... Seriously, rather than tag as !news or PEBKAC, how about some intelligent discussion about either educating the general public or another more intelligent solution?
You gotta give it to companies like McAfee, Symantec, etc... they know how to scare people into handing over money so they are "protected". It was only a matter of time before people started to copy their methods.
There was a huge news rush several years back. Slashdot is just trying to catch up.
Self proclaimed typo king, and inventor of the bear destroying coffee table (patent not pending).
Not only is there already such a virus, the PC usually comes with it preinstalled.
Help stamp out iliturcy.
It's already pretty damn easy to identify fake AV software. Just follow this simple flowchart:
Is it advertised through a popup or an unsolicited email? > Yes > It's a scam!
Simple! This works for all products, not just fake AV.
Colour me surprised.
I recently had to install Windows 7 at home, and decided to put Norton AV on my machine. I boot up on Windows roughly once every couple of weeks to run a specific application. So I notice Norton AV popping up loads of windows, running its intrusive update process and bombarding me with scary looking crap prompting me to read about the "latest security threats from cyber-criminals". Hair-raising stuff, especially if you're not a computer specialist.
I'm an IT professional, and _I_ find this behaviour sleazy, unethical, annoying and slightly alarming. This is a product I paid GOOD MONEY FOR. I'm PAYING to be bullied, essentially.
So I can just imagine the average user being bullied and terrified by this crap... which is not only enriching the AV vendors, but also making regular folk like lambs to the slaughter for the forces of evil out there.
I'd say that the consumer, criminals and the AV companies are really inhabitants of one ecosystem: prey, parasites and predators respectively.
Most people are fucking idiots.
Not idiots, but ignorant. You can't blame them for that.
>so it's the users installing it and not just holes in the system being exploited.
Are you sure about that? The analysis of various crimepack stats posted by Brian Krebs shows that the vector for these infections is usually (in order) Java, Adobe Reader, Flash, and browser exploits. So let's assume you patched these machines using Windows Update. That means you patched any known browser exploits, but the malware writer can still try various Java, Reader, and Flash exploits.
I think the real issue currently is how poorly these app updaters are written. Reader may never ask to do an update unless you manually start it once to install the current version of Adobe Updater. Java, depending on the version, either sits quietly in the tray asking for an update or never bothers. Flash asks at startup sometimes, but it may only update IE, but not Firefox.
For end users who have no clue, which is most of them, these apps should just be set to auto-update without asking. Admins and power users can edit this as needs be. In the meantime, it's pretty trivial to infect a machine. Almost no one makes an effort to patch these apps.
I don't believe the problem is PEBCAK as we like to think. Browser plugs are a serious issue. They're just not being updated.
The walled garden approach (e.g. Apple) works well for average users...
Linux distros with trusted repositories are a good idea too, the average user still receives the protection of getting all their software from a known trusted source while advanced users still have the flexibility available.
End users should not have root or equivalent access, they should only be able to install software from trusted sources and should defer to a third party (either someone they know, or a paid service etc) for anything more advanced.
http://spamdecoy.net - free throwaway anonymous email - avoid spam!
Actually, I'm not so sure it's always an issue of users installing this stuff voluntarily?
The "Vundo" trojan is supposedly a leading cause of automated installations of the annoying "AntiVirus 2009/2010" fake AV packages and other garbage.
(See: http://en.wikipedia.org/wiki/Vundo)
I recently cleaned this off of a PC for a client of mine, and in their case, the original trojan horse files were found embedded in the compressed Java runtime files. So at least some of this stuff may be coming from "drive by infections" that take advantage of security flaws in older versions of the Sun JRE. Once the trojan is implanted in the JRE, it proceeds to auto download and install this other stuff.
My mother kept receiving calls from some company claiming to be IT support and trying to get her to visit a website to update her machine as their records show it being infected. She always says that my son deals with that sort of thing and she will just not switch the computer on until I have checked it. One day they called while I was there so I spoke to them, they always mumbled the name of the company, I asked them for their company registration number as I needed to check they are a legitimate company. They try to get me to visit their website where I can see that they are legitimate, eventually they give me a number which was about 12 digits too long for a company registration number. I tell them I can't find anything about them at Companies House and eventually they give.