Fake antivirus, or scareware, uses social engineering to lure users to malicious sites and scare them into paying for fake threat removal tools. It is one of the most frequently encountered threats on the web today according to SophosLabs.
Scareware pretends to be security software that finds dangerous threats lurking on your computer. The initial scan is usually touted as free, but users are prompted to people pay up to remove the fraudulently-reported threats, threats that don’t really exist. Fake antivirus malware will continue to send annoying and intrusive alerts until a payment is made or the malware is removed. It is a huge revenue source for cyber criminals.
Aside from charging unsuspecting people up to $120 to remove the fake virus, fake antivirus makes large amounts of money by driving traffic toward partners that earn between $25 and $35 to infect additional computers. SophosLabs reports the prolific rebranding of fake antivirus names to confuse users and elude detection. Scareware uses all sorts of tricks to cause panic in users who will rush to download the virus protection software, only to end up infecting their computers.
Typically, fake anti-viruses makes use of social engineering techniques to trick users into downloading and running an unknown executable, which is the fake antivirus installer. A very common source of scareware infection is clicking on links received from popular search engines. These poisoned results will redirect users to a fake antivirus-controlled website that displays a fake scanning page, informing them that their computer is infected and they must download a program to clean it up.
Sometimes, users are taken to a fake movie download page where they are told they need to download a codec to view the movie. Fake antivirus is also often sent directly to victims as an attachment or as a link in a spam message.
Reduce the risk to your business by protecting all routes of attack. Here are a few steps your business can take to protect against fake anti-virus.
- Use software that filters URLs and blocks spam to prevent fake anti-virus from reaching users.
- Protect the entire network with endpoint web protection, live protection and firewall protection.
- Stop attacks with anti-malware software, ongoing updating and patching efforts, run-time detection and low-impact scans that detect malware, adware, suspicious files and unauthorized software. Anti-malware software must be kept up to date.
- Employees should be told not to click on anything suspicious and reminded that they should contact the IT department for anti-virus protection. Employees should not try to deal with it themselves.
ACE IT Solutions has relationships with companies that provide best-of-breed anti-virus, anti-malware and end-point protection. We can help you evaluate security vendors and select the network protection solution that is best for your business.