Microsoft warns of ‘scareware’ threat to exploit hacker fears

8 Apr 2009

Hackers and virus writers are distributing rogue security software – also known as ‘scareware’ – to take advantage of users’ desire to keep their computers protected, Microsoft has warned.

The rogue software lures users into paying for protection that, unknown to them, is actually malware offering little or no real protection, and is often designed to steal personal information.

The Microsoft Security Intelligence Report shows that such programs are now among the top threats around the world. For example, two rogue families, Win32/FakeXPA and Win32/FakeSecSen, were detected on more than 1.5 million computers by Microsoft software, catapulting them into the top 10 threats in the second half of the year.

In addition, Win32/Renos, a threat that is used to deliver rogue security software, was detected on 4.4 million unique computers, an increase of 66.6pc over the first half of 2008.

Rogue security software and other social-engineering attacks such as these compromise people’s privacy and are costly; some take personal information and drain bank accounts, while others infect computers and rob businesses of productivity.

“We continue to see an increase in the number of threats and complexity of those threats designed to implement crime at a variety of levels online,” said Vinny Gullotto, general manager of the Microsoft Malware Protection Center.

“But as Microsoft and the industry continue to improve the security of our products, and people become more concerned about their online safety and privacy, we see cybercriminals increasingly going after vulnerabilities in human nature rather than software.

“By working with others across the industry, Microsoft is helping combat the next generation of online threats through a community-based defense, resulting from broad industry co-operation with law enforcement and the public.”

The Security Intelligence Report also showed that as software companies have improved the security of their operating systems, attackers have shifted their focus to the application layer, where the majority of vulnerabilities are now being reported; nearly 90pc of vulnerabilities disclosed in the second half of 2008 affected applications.

The report showed that lost and stolen equipment, not computer hacking, continues to be the most common cause of publicly reported security breaches resulting in data loss, accounting for 50pc of incidents reported in the second half of 2008.

To mitigate this threat, organisations must implement strong data governance practices to help protect data from criminal access.

By John Kennedy