Lavasoft News Lavasoft News

Spooky Security Trends

With Halloween just around the corner, we take a closer look at scareware.

As the Internet evolves, so does the sophistication of cyber criminals and their methods. Even the savviest of computer users can fall victim to online threats.

You may not be familiar with the term scareware, also known as rogue security software, but there's a very good chance that you or someone you know either has experienced it, or will in the near future. As malware writers inundate the web with fake anti-malware programs, this kind of trickery is becoming more and more common, and now poses one of today's greatest security challenges to computer users. Scareware has become a very lucrative industry for cyber criminals, and it does not seem to be slowing down. Lavasoft Malware Labs has seen a XX% increase in scareware this past year.

What is Scareware?

Scareware, or rogue security programs, normally start as a popup that claims the web user's PC is infected with malware. It then prompts the user to purchase the fake security software - which is actually malware in disguise — in order to remove the "threat". Essentially, it is malware pretending to be genuine Internet security programs, with the aim to steal your money, private information, or to expose you to other high risk cyber threats.

How does it End Up on Your Computer?

Scareware is distributed in a variety of ways, using social engineering tactics to deceive and mislead people. It can be encountered almost everywhere on the web today. For example:

  • Search Results
    Be careful what you click. Look at the link before you click it. Scammers prey on unsuspecting computer users by exploiting misspelled URL's and use popular search queries about celebrity news and other hot topics to lure users to their website. Clicking on such a link could launch the scareware.

  • Fake Ads
    Ads that look like they come from a legitimate company can in actuality be malware. These ads have even appeared on high-profile sites, such as FoxNews, New York Times, and MSNBC. If clicked on, either a fake malware scan is triggered, or a warning is shown in an attempt to trick the user into believing their computer is already infected with malware, and that purchasing the application will help them get rid of it.

  • Social Networks
    This past year, we have seen an explosive rise in click-jacking attacks and other similar scams on social networks. Tainted links can easily be distributed this way. Again, be careful what you click.

Spotting the Fakes

It is nearly impossible for most people to spot a rogue security program by merely looking at it. Most of them have a professional-looking website that appears to be from a legitimate company.

The user interface often looks very similar to trusted security products.

How Can You Avoid Scareware?

What can you do to help prevent the spread of scareware and make sure that you don't fall for the cyber criminals' tricks? Follow these tips below to tell what's real and what's not when it comes to security software — and share them with friends and family who may be vulnerable to scareware.

  1. Do not fall for scare tactics. While browsing sites, be cautious of pop-ups warning you that your system is infected and offering a product to clean it up. Never pay for a program that installed itself to your computer. This is a hallmark of rogue software.

  2. Use security software with real-time protection and keep it up-to-date. If you know that you have anti-virus, anti-spyware, and a firewall on your PC, you can safely ignore security alerts you receive that do not come from your chosen security software provider. (Rogue security software will often try to lure computer uses by using legitimate looking pop-up messages that appear to be security alerts.) Also, most anti-malware programs, like Ad-Aware, will help keep you protected from rogues because they can detect and remove these programs.

  3. Access experts at the Lavasoft Support Forums or other security forums and ask about the software you are considering before you decide to purchase it.

  4. Read the software reviews at reputable sites like Download.com. Do not blindly trust individual sites offering security products. You can also refer to Lavasoft's Rogue Gallery to check to see if a program in question is listed as a rogue.

  5. Ask knowledgeable friends and family members about quality software they use. Keep in mind that when you search for trustworthy security software online, rogue products can, and often do, appear in the search results list.

  6. Practice online skepticism. Be aware that rogue security software does exist on the Web, and be vigilant about avoiding it. These programs are designed to appear genuine - meaning they may mimic legitimate programs, use false awards and reviews to rope you in, or employ other deceptive tactics. It's also a good idea to familiarize yourself with common phishing scams, and to be cautious of links in e-mail messages and on social networking sites.

Share Home
Lavasoft Registry Tuner 25% Off!
Learn More
BY THE NUMBERS
According to a recent survey, about 25% of households with a facebook account don't use the site's privacy controls or were not aware of them. about 40% of social network users posted their full date of birth online, opening themselves up to identity theft.
- Consumer Reports' State of the Net 2010
TIPS & TACTICS
Cyber Security Month
What can you do to help promote National Cyber Security Awareness Month? Visit StaySafeOnline.org for numerous tools and resources on how to stay safe online and raise awareness about the importance of online security.
WHAT PEOPLE ARE SAYING
“Lavasoft Registry Tuner does an excellent job of finding Registry problems and fixing them, to help keep your system in top shape.”
- PC World
FOLLOW US
Find us on
Facebook
Contact us on
LinkedIn
Follow us on
Twitter
Watch us on
YouTube
SEND TO A FRIEND
Pass on the news, tips and offers in this issue - e-mail Lavasoft News to a friend.
Lavasoft Newsletter

Lavasoft AB Odinsgatan 10, 411 03 Gothenburg, Sweden | www.lavasoft.com | editor@lavasoft.com

Add lavasoft@member.lavasoft.com to your address book to ensure we reach your inbox.

You have received this message because you have registered to get information about Lavasoft and its products. If you would like to update your details or would like to unsubscribe, please click here.

For information on Lavasoft‘s Privacy Policy, please click here.

PLEASE DO NOT REPLY TO THIS MESSAGE. If you require Technical Support, please check the Lavasoft Support Center for information.

Copyright © 2010 Lavasoft AB. All rights reserved.