Slashdot Mirror

← Back to Stories (view on slashdot.org)

Banks Faulted For Fake Antivirus Scourge

Posted by samzenpus on from the passing-the-buck dept.

krebsonsecurity writes "Merchant banks that process credit card payments for fake antivirus or 'scareware' exhibit a distinctive pattern of card processing that could be used by Visa and MasterCard to weed out the rogue processors, according to a new study by the University of California, Santa Barbara. From the study: 'The UCSB team found that the fake AV operations sought to maximize profits by altering their refunds according to the chargebacks reported against them, and by refunding just enough to remain below a payment processor's chargeback limits. Whenever the rate of chargebacks increased, the miscreants would begin issuing more refunds. When the rate of chargebacks subsided, the miscreants would again withhold refunds.' The study also highlights how few customers ever request a refund, and how affiliates pushing this junk software made more than $133 million."

4 of 117 comments (clear)

  1. Re:Pah by Hatta · · Score: 4, Insightful

    Of course it is. You can technically secure a computer all you want, but there's no defense against fraud.

    --
    Give me Classic Slashdot or give me death!
  2. Placebo by Anonymous Coward · · Score: 5, Funny

    If homeopatic "medicine" can be sold legally, I see no reason why anti-virus software that does absolutely nothing should be considered illegal.

    1. Re:Placebo by Chris+Mattern · · Score: 4, Funny

      If homeopatic "medicine" can be sold legally, I see no reason why anti-virus software that does absolutely nothing should be considered illegal.

      It contains less than 0.001% of the virus signatures found in other AV software, so you *know* it's super-effective!

  3. I wish I had a poisoned CC# to hand to scammers by Anonymous Coward · · Score: 4, Interesting

    I would be really happy if my bank gave me a fake credit card number that I could give to every scammer or asshat who tried to sell me "car warranty insurance" or "anti-virus" over the phone. The idea is, it'd be declined, but it'd also flag that this retailer is less-than-ethical, not paying attention to "Do Not Call", etc.

    Like anything else, this shouldn't be connected to automated blacklisting (since people who decide that "Best Buy sucks" might try using it there), but it would be an immediate red flag if thousands of attempted transactions from a payment processor came back this way.