Scareware on the rise as scammers prey on security conscious


19 Oct 2009

While most of us want to make sure our computers are safe from malware, spam and other internet security threats, we also like when our anti-virus software is cut-price, or, even better, free. This is what some cybercriminals have been counting on as they provide bogus anti-virus software or “scareware” downloads across the web.

Software and services security firm Symantec reports that due to the sophistication of this counterfeit anti-virus software, 93pc of those downloading scareware are convinced it is the real deal.

Cybercriminals profiting

In fact, scareware is netting cybercriminals profits of more than UK£850,000 per year.

Symantec says that to date it has detected more than 250 separate fake anti-virus programs being sold for UK£20-UK£60 through almost 200,000 websites globally.

What is most concerning is that the banner ads for this scareware is being placed on legitimate websites, Symantec says.

What happens if scareware is downloaded?

So what exactly does scareware do to your computer if you download it? Well, for one, it doesn’t actually protect your computer against harmful viruses and phishing attacks, and secondly, it may even “install malicious code or reduce the overall security of the computer,” says Symantec.

Scareware is often hard to detect because the cybercriminals behind the bogus downloads often use “inspired” names, eg, XP AntiVirus or AntiVirus 2008.

“The findings of our report on rogue security software make it clear that cybercriminals are willing, eager and well-equipped to prey on today’s internet user,” said Stephen Trilling, senior vice-president, Symantec Security Technology and Response.

“To avoid becoming a victim of such predatory practices, Symantec strongly urges internet users to make sure they are using the latest security protection and always obtain their security software directly from trusted vendors’ websites.”

By Marie Boran

Photo: Ads for scareware are appearing on legitimate websites.