Fake Antivirus Software
"Recently I got a popup warning me that a virus had infected my computer, and I needed to download some antivirus program to get rid of it. I did so, and later discovered it was a very slick FAKE security tool that really messed things up. How can I avoid fake antivirus programs in the future?"
Beware of Fake Antivirus Programs
Con men have always known that the easiest way to deceive a mark is to offer what he wants most. People are not skeptical of what they want to believe in. So it is no surprise that cyber crooks are offering false protection against dangerous viruses. Yes, that free antivirus program you were so glad to discover and installed so eagerly may be a virus in disguise! You may even have paid money to let this fox into your chicken coop.
A sudden injection of fear is a very useful tool for getting people to do what you want. You may be surfing the Web when suddenly a yellow "hazard" triangle pops up and alarming words cry, "Your computer is infected by a virus! Download this antivirus program right now!" or words to that effect. A lot of people do so without an instant's hesitation. Then they're in trouble.
These rogue antivirus programs look busy running reports, and tell you they've deleted viruses. But in reality, they may have sniffed out your bank account data, passwords to sensitive sites, Social Security Number, and other things used for identity theft.
Sometimes fake antivirus programs secretly install "bot" software, enslaving your computer to a remote mastermind who will use it while you're away to distribute spam or malware to other unsuspecting marks. If your ISP determines that malware is being distributed from your computer, you may lose your Internet account, or even get a visit from the police!
Detecting Fake Antivirus Programs
For starters, watch out for well-known rogue products with names such as Antivirus 2009, Antivirus 2010, Win AntiSpyware, and Antivirus 360. But unfortunately, those are just the tip of the iceberg. According to Network World, fake antivirus programs are proliferating so fast, they could soon outpace the ability of legitimate security tools to detect them.
So aside from the names, how can you recognize fake antivirus programs before it's too late? There are several tell-tale signs:
High levels of alarm: those yellow triangles, jittering popup windows, lots of exclamation points, the word "alert" repeated six times per second -- all these things are done to induce alarm and cause you to act without thinking first.
A phony free virus scan "performed" without your permission is another tipoff. Real antivirus vendors ask if you want them to scan your computer; fake ones often tell you they have done so and found malware the instant you land on their site. A full virus scan takes many minutes, not a split second.
"Buy it right now" pitches. Every legitimate antivirus program lets you download a trial version before you buy.
No links to reviews of the product in recognized publications. Don't be fooled by "testimonials" that were written by the malware maker himself.
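The first three signs can be checked mechanically against the text of a page or popup. The Python below is an added example, not part of the original article; the word lists, the 0.15 alarm-density threshold, the 60-second minimum scan time and the two-signal cutoff are all assumptions chosen for illustration, and the fourth sign (no independent reviews) cannot be judged from the page text alone.

```python
import re

# Phrases claiming that a scan has already produced results (sign 2).
SCAN_CLAIM = re.compile(
    r"\b(scan (is )?complete|has been scanned|(is|are) infected|"
    r"\d+ (viruses|threats|infections) (were )?(found|detected))\b", re.I)
# Pay-now pressure (sign 3) and the trial offer a legitimate vendor makes.
BUY_NOW = re.compile(
    r"\b(buy|purchase|register|activate)\b.{0,30}\b(now|immediately|today)\b", re.I)
TRIAL = re.compile(r"\b(free trial|trial version|try (it )?free)\b", re.I)
ALARM = re.compile(r"\b(alert|warning|danger|critical|infected)\b", re.I)
MIN_SCAN_SECONDS = 60  # assumed lower bound for a real scan


def scareware_signals(text, seconds_since_load, asked_permission):
    """Return the set of tell-tale signs triggered by a page or popup."""
    words = max(len(text.split()), 1)
    signals = set()
    # Sign 1: alarm words plus exclamation marks, relative to text length.
    alarm_hits = len(ALARM.findall(text)) + text.count("!")
    if alarm_hits / words > 0.15:
        signals.add("high_alarm")
    # Sign 2: results shown without consent, or faster than a scan can run.
    if SCAN_CLAIM.search(text) and (not asked_permission
                                    or seconds_since_load < MIN_SCAN_SECONDS):
        signals.add("instant_unrequested_scan")
    # Sign 3: purchase pressure with no trial version on offer.
    if BUY_NOW.search(text) and not TRIAL.search(text):
        signals.add("buy_now_no_trial")
    return signals


def looks_like_scareware(text, seconds_since_load, asked_permission):
    # Flag only when at least two independent signs agree (assumed cutoff).
    return len(scareware_signals(text, seconds_since_load, asked_permission)) >= 2


# Constructed samples, not taken from any real page.
FAKE_POPUP = ("WARNING! ALERT! Your computer is infected! 37 threats found! "
              "Buy the full version now to remove them!")
VENDOR_PAGE = ("Download the free trial version of our scanner. When you are "
               "ready, click Start to scan your computer. You can purchase a "
               "licence at any time from the Help menu.")
```

Requiring two signs keeps a genuine scan report, shown minutes after the user asked for it, from being flagged on wording alone.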
If you encounter a popup window alerting you that your computer is infected, DON'T close the popup window with a click of your mouse! That often triggers the secret downloading of a malware program onto your computer. Instead, close your entire browser and restart it without restoring the previous tabs that were open.
Use a browser other than Internet Explorer. IE is the most popular browser and malware makers target its vulnerabilities. You are less likely to be infected if you use an alternative browser such as Firefox, Safari, or Google Chrome. Be aware that Firefox, which is used by about 30 per cent of Web surfers, is a secondary target of malware writers. There is safety in obscurity.
Perhaps the best way to avoid fake antivirus software is to have REAL security protection in place. And fortunately, there are some excellent Free Anti-Virus and Anti-Spyware tools you can download and install on your computer. These tools will not only scan your hard drive for existing malware, but they'll also block it from being downloaded in the future.
Have you been a victim of a fake antivirus program? Do you have tips for dealing with rogue security tools? Post your question or comment below...
Posted by Bob Rankin on November 13, 2009 07:23 PM
Article information: AskBobRankin -- Fake Antivirus Software (Posted: November 13, 2009 07:23 PM)
Source: http://askbobrankin.com/fake_antivirus_software.html
Copyright © 2005 - Bob Rankin - All Rights Reserved




Most recent comments on "Fake Antivirus Software"
(See all 16 comments for this article.)
Posted by:
tony gadaleta
14 Nov 2009
Hello Bob
As I guess most people know, Microsoft offer free anti-virus and anti-spyware for genuine Windows operating systems called 'Security Essentials'.
I've downloaded the program which appears to be effective and updates automatically to include latest detected malware definitions.
Do you recommend keeping Windows Defender running in conjunction with 'Security Essentials'?
Personally, I don't like having unnecessary programs running which are just using up resources for no good reason and so I de-installed Defender figuring that Security Essentials has a similar if not an identical program that adequately deals with spy-ware.
Cheers and best wishes
Posted by:
Russ Jackson
20 Nov 2009
I've been hit with these things so many times I can almost smell them the minute they infect my machine. Sadly, sometimes it's too late to simply close my browser to stop it. What does work is to shut down my machine completely then:
1. Restart in safe mode.
2. Run a full anti-virus scan (I use Trend Micro)
3. Follow that with a complete Malwarebytes scan.
Whatever they find I either quarantine or delete. I keep these apps updated at all times, since you can't update in safe mode. This is important because malware and viruses change so fast that you need the latest information to identify them. If you know your machine like I know mine, you'll notice a change in its behavior almost instantly. And when that happens it pays to act quickly. Let's face it, the bad guys are out there just waiting for us to drop our guard for a split second. Sad, ain't it?
Posted by:
Hdhawk
20 Nov 2009
When all else fails in the bogus anti-virus war I have had very good results going to a Restore Point dated prior to the attack.
Posted by:
CC
20 Nov 2009
Sometimes rogue anti-viruses come as a popup and are not in a "browser window". On those occasions use a very old trick: instead of your mouse, just press Alt and F4 on your keyboard. Works on other popups as well.
Posted by:
mzaban
20 Nov 2009
If you use a Windows-based computer, whenever something suspicious pops up, be sure to do the following (as suggested by an IT person at my place of employment) - {"Ctrl-Alt-Del", then "Task Manager", then "End Task"} - as the safest way to close out that suspicious box.
Posted by:
Miles3298
23 Nov 2009
Very informative. Unfortunately, I've had experience with multiple fake Anti-Viruses, and I've been able to get rid of them... mostly. Except for one, which doesn't give me a title to google removal instructions for.
What do I do if a fake anti-virus starts itself in Safe Mode? No anti-virus/spyware thing I've used fixes that. I've had this problem before (Anti-Spyquake, which was fixed by AVG), but this one I can't find stop from running.
Posted by:
Juanita Moore
27 Nov 2009
I somehow got one of these viruses last year even though I had an up to date legitimate famous brand anti-virus/firewall program installed. Even a friend of my daughter's who was a computer guru at the nearby University was at a loss. He said what I had was a particularly nasty one. I believe it was some kind of "root key" or something like that virus. When all the things he suggested didn't work, my only choice was to get an external hard drive to backup the family pictures and a few other important things and then totally restore my computer using the restore disk that came with it. That did the trick. I wished a lot of ill will during that time to the creep that started that one.
Posted by:
Camp Kohler
09 Jan 2010
What is the technical term for Web pages of words/phrases designed to match searches for the purpose of delivering fake AV scams?
EDITOR'S NOTE: I've always called them "rogue sites". Scareware is another related term for things that try to make you think you've been infected.
Posted by:
Dave in Indy
15 Jan 2010
I've had two such malicious rogues affect me in the last 15 months, or so. The latest one was a bot and it was particularly rude - it tried to uninstall Malwarebytes and to disable Norton. At any rate, I finally found some remedy to this one called "Defender AV" or something similar to the real Windows Defender. It was an exe that partially disabled the bot (turned off the rogue features) and then Malwarebytes got rid of the rest. Whew!, that was scary....
Posted by:
Warren
27 Jan 2010
For the most part, fake AV programs won't be detected by legitimate AV programs because they are not technically a virus. The best solution I have found is to run Combofix (found at COmbofix.org). This is an automated program that is by far the most effective tool I have ever used to get rid of malware. I highly recommend it.
EDITOR'S NOTE: I don't know why you say fake AV programs are not "technically" considered a virus. How do you think they differ?