FBI - Victims of Fake Antivirus/Rogueware Scams Lose $150 Million
In an unprecedented move, the Federal Bureau of Investigation (FBI) has warned the general public to be careful of fake antivirus software which has caused losses of over $150 Million to victims.
The Bureau posted an intelligence notice on the Internet Crime Complaint Center's website on December 11, 2009, saying that people surfing on the Web must be vigilant of real-looking AV programs called "scareware" or "rogueware."
The notice says that scareware programs pose high threat to majority of users as they are very aggressive and entice users to buy them. These programs allege to clean viruses from computers. To push them, online criminals employ botnets as well as post ads on websites for their delivery, a process called malvertising or malicious advertising.
The notice further says that a pop-up is not easy to close by hitting the "X" button or clicking "close." Conversely, if the user hits the pop-up's "Yes" button to buy the AV program, a form appears, which gathers payment information and charges the user for the fake item. At times, the rogueware might plant malware on the PC irrespective of the user clicking or not clicking pop-up. The problem occurrence becomes more likely if there is an account on the user's computer, which provides the right to load applications, the notice explains.
If the so-called AV software is downloaded, it could lead to the installation of viruses, Trojans, and/or password intercepting keylogging programs.
According to the Anti-Phishing Working Group, during January-June 2009, the total number of scareware programs exceeded that of 2008 as a whole.
Security analysts state that a large number of variants are created so that authentic antivirus software may fail to detect the rogueware programs.
According to the FBI, when users are offered any software, they should find out its exact name. They should also keep their security software and operating systems up-to-date. In case, they get a rogue AV pop-up, they should shutdown their PC or close their Web-browser. When they turn on the computer again, they should execute a complete AV scan on it.
» SPAMfighter News - 22-12-2009