MailGuard Blog — Breaking alerts, news and updates on cybersecurity topics

How the fake anti-virus (AV) scam works

Written by MailGuard Editor | 06 August 2012 12:26:00 Z

Today I wanted to provide you with valuable insight into a prominent threat on the internet: fake anti-virus software.

Just like any pervasive phishing scam, fake anti-virus uses clever psychology to suck you in.

You can inadvertently download it if you don’t have email filtering or web filtering in place. For example, fake AV was the payload of the elaborate UPS email scam we recently exposed.

An attack like this is one of thousands of variants that can result in the software being installed on your computer. Removing the software can be a nightmare because it is time-consuming and requires utmost care.


What does fake anti-virus software do?


Once installed, fake AV is an absolute menace. It usually lies dormant for a while before springing into life. Then suddenly, you’ll start receiving extremely annoying messages alerting you to “infections” on your machine.

The problem is that these infections don’t actually exist, and although the fake AV looks convincing (a lot of design work goes into this scam!), it’s completely bogus.

An unsuspecting user would be alarmed by the perceived seriousness of the threats and tricked into paying for a bogus subscription. Not only will they be conned out of money, they also will have given out their credit card information.

If that wasn’t bad enough, fake AV can also slow down your computer and play havoc with real desktop AV.


The problem for SMBs


Fake AV is a real problem for SMBs. They must pay meticulous attention to software licenses, maintenance, and updating local security. If their real desktop AV is not up to date, they are exposed to this kind of attack.


How to combat the fake AV fraudsters


A good start is to understand that if you see an alert from desktop AV that isn’t the one you installed, it’s fake. Ensure it’s removed and don’t get sucked in.

Beyond that basic step, you can use a web security service hosted in the cloud to help prevent such threats reaching your desktop; this will beef up your existing protection. Cloud-based protection will help prevent threats coming from the outside. Meanwhile, desktop AV will stop threats introduced internally, for example via USB sticks.

Unlike your desktop AV, cloud-based web filtering is always up to date and requires no maintenance, software licenses or installation.

You get the most sophisticated protection possible against nasty scammers and their elaborate schemes.