Thursday, 22 December 2011

Fake antivirus: A contagion masking as an antidote

Fake antivirus is definitely counted amongst the most potent online threats. Also known as rogue antivirus, rogues, or scareware, it employs social engineering to lure users to malicious sites and scare them into paying for fake threat removal tools.

Waylaying PC users into deft traps
Fake antivirus poses as security software and pretends to find dangerous security threats, such as viruses, on a PC. The application starts with a free scan and, in later stages, asks PC users to pay for cleaning up fraudulently reported “threats”. The same set of alerts prompts users to visit a site where they are asked to pay for non-existent threats to be cleaned up. The fake antivirus malware continues to send annoying and intrusive alerts until a payment is made or the malware is removed.

Unlike other malware such as bots, backdoor Trojans, downloaders and password stealers, fake antivirus draws a victim into handing money directly over to a malware author. Victims pay around 100-120 dollars for junk software presented as a quick fix for the problem.

Infection is a Click Away!!
Although a fake antivirus may get onto a system in many different ways, the majority of distribution avenues rely on social engineering: PC users are tricked into running a fake antivirus install executable, in a way similar to many other types of Trojans. A huge range of social engineering tricks is used with fake antivirus, and new ones are coming up all the time. They commonly include:
  •  Email spam campaigns
  •  Compromised websites and exploit payloads
  •  Search engine optimization poisoning
  •  Fake antivirus downloads by other malware

