Monday, June 6, 2011

Don't Negotiate with Scareware


Totally legit.

Do you know what your anti-virus software looks like? I'm not just talking about the little icon down in the tray, I'm talking about everything else too: its full name, the user interface, the kinds of messages that pop up when it detects something suspicious... no?

Well, you really, really should.

People trust their antivirus software to protect them from all kinds of threats, be they viruses, adware or anything else malicious. And when something suspicious is detected, people tend to follow whatever directions they're given to remove the threat. Which is usually a good thing.

Unless it's not their actual antivirus software.

The Scam


"Scareware" is any software that tries to frighten you into purchasing it. Most commonly, a website will make false claims regarding the safety or security of your computer (such as claiming your computer is infected by a virus). By putting you in a state of anxiety, the hope is that you will pay to make the threat go away.

And it works. As of last year, roughly 15 percent of all malicious software on the internet was of the "scareware" variety, a trend that continues today. One of the most popular methods is to imitate antivirus software and hope that you won't realize that it's fake. By preying on users' combined trust of and lack of familiarity with their computer's defenses, scammers can often con them into paying for fake antivirus software they don't need. Consider the following dialog box:


I'd rate anything with "monster" in its name as critical, too.

Since most people aren't intimately familiar with their antivirus software, they'll assume that a message like the one above is real. But alas, it isn't. The above image is from an online scam, and all it needs is a single click (and maybe a password) from you to open the floodgates to much worse.

Infiltration


The scammer's ultimate goal is to install malicious software onto your computer. The tricky part, though, is that they generally can't do it without your permission (it is your computer after all). This is where scammers rely on that little thing I mentioned earlier: many people don't know exactly what their antivirus software looks like. The idea is that if you see a message like the one above and think it's coming from your real antivirus software, you'll go ahead and approve whatever actions it suggests.

This little bit of participation is crucial: by explicitly giving the program permission to do whatever it wants, you've indeed given it a green light to do whatever it wants. This kind of trickery is called "social engineering," and it's one of the most reliable tools in the hacker arsenal. Rather than force their way onto your computer, if a hacker can convince you to let them on, they can easily proceed with the rest of their insidious plan. And they've found that a great way to do this is by masquerading as your computer's security software.

Below are some of the many different 'brands' that fake antivirus software goes by, as given by a recent Microsoft Security Intelligence Report.


Better install all of them, just to be safe.

In fact, each of the above is actually a variation of the exact same program. Many of them have a very professional appearance, and to the untrained eye look like they might be a part of the Microsoft Security Essentials package, a legitimate antivirus program. Of course, they're all about as illegitimate as can be, and they're here for your money.

Extortion

Once the fake antivirus software is installed onto your computer, three things will tend to happen: first, you will see the results of a (fake) 'virus scan' that will claim that viruses were found on your computer. Second, the functionality of your computer will be limited so that you are forced to deal with the fake antivirus software and its bogus scan results (the software will often claim that this is for your own protection). Third, you will be prompted to pay for the 'full' version of this worthless program so that it can remove all of the (fake) viruses it detected.

This, of course, is the crux of the scam: to get you to open your wallet. Even if you don't believe the results of the scan, the functionality of your computer is still compromised. Some will even go so far as to hide your files from you until you pay up. The idea is that even if you know it's a con, you might consider paying just so that you can have your computer back again. Software of this kind is often referred to as "ransomware" because it effectively holds your computer hostage until you pay a ransom for its release.

What to Do

Fortunately, a little education goes a long way toward avoiding scareware in the first place. First of all, only trust messages from your real antivirus software. Familiarize yourself with its name, its interface, and its general appearance. If a pop-up claiming to have found a virus on your computer looks nothing like anything you've seen before, don't automatically give it permission to do whatever it asks. Treat it with suspicion, and proceed with caution. Second, realize that you shouldn't have to pay your existing software to remove a virus. If you bought antivirus software, it's already paid for and will do its job without additional surcharge. If the message purports to be from Windows or OS X, you certainly shouldn't have to pay. Be suspicious of anything that combines an immediate threat with an immediate need for your credit card information.

If you're browsing the web and suddenly receive a pop-up message decrying the state of your computer's security, again, take caution. If you think it might be a scam, close your browser window immediately. If the window won't close, use Ctrl+Shift+Esc (Windows) or Cmd+Opt+Esc (Mac) to select your browser application and force it to quit.

Most importantly, do not pay the ransom! This is crucial, not just because you don't want to be the victim of a scam, but also because you're just asking for your credit card and other personal information to be misused. Even if you are only charged for the fake antivirus software, a scammer is not the kind of person to entrust your credit card information with. You're better off seeking professional help and paying someone trustworthy to remove the rogue software for you.

Of course, this isn't to say that you should automatically treat every security alert as a scam. The point is that you should be aware that these kinds of scams exist, and know that they're fairly common. Knowledge is power, and by becoming familiar with the legitimate security software on your computer, you can easily avoid being tricked into installing bogus scareware in the first place.


Duct tape: the original hack.
