News
Symantec: Rogue Security Software is Big Business for Crooks
Hocking so-called "scareware" is the latest lucrative business in cybercrime, says Symantec.
By Joan Goodchild, Senior Editor
October 19, 2009 — CSO —
The bogus ads are everywhere. A pop-up tells you: "Your computer may be infected" and urges you to download security software that will scan your computer for viruses, protect it from future infection or both. The problem is most of these products are scams that give you software which is useless. In some cases, the software is even dangerous because it downloads malicious code onto your computer.
The threat from these "scareware" tactics is growing, according to the results of a report released Monday by Symantec Corp. The Report on Rogue Security Software reveals that cybercriminals are profiting from a highly organized affiliate-based business model that rewards scammers for selling bogus security programs to users caught off-guard by persuasive online scare tactics.
Read how the New York Times fell prey to one of these scams earlier this year.
In research conducted from July, 2008 until June, 2009, Symantec detected more than 250 distinct rogue security software programs. The top five reported rogue security applications are SpywareGuard 2008, AntiVirus 2008, AntiVirus 2009, SpywareSecure, and XP AntiVirus, according to the report.
The research finds the creators of rogue security software typically use an affiliate-based, pay-per-install model to distribute their misleading applications. Through this model, affiliates can earn between $0.01 and $0.55 for every successful installation. The highest prices are paid for installations by users in the U.S. first, followed by the U.K., Canada, and Australia, said Symantec.
To increase the likelihood of duping users, rogue security software creators design their programs so that they appear as credible as possible, utilizing advertisements, pop-up windows, and notification icons that mimic legitimate security software programs. In addition, these programs are often distributed on websites that appear credible and enable the user to download the illegitimate software. Some malicious sites actually use legitimate online payment services to process credit card transactions and others return an email message to the victim with a receipt for purchase; complete with serial number and customer service number.
Symantec officials said the estimated purchase price for consumers who download these rogue products ranges from $30 to $100.
"Not only can these rogue security programs cheat the user out of money, but the personal details and credit card information provided during the purchase can be used in additional fraud or sold on black market forums," according to a release from Symantec. "Scammers may also use the personal information gained from the victim to commit fraud and/or identity theft."
Some rogue security software actually installs malicious code that puts the user at risk of attack from additional threats.
Symantec
Log Management in a Cyber World
With so many potential cyber villains poking around the gates, enterprises must have strong protections and pristine visibility into what's happening on the network. Explore the increasing importance of log management as cybercrime and other malicious threats grow.
Comparing Research in Motion and Microsoft Mobile Solutions
Organizations must look carefully at the requirements of mobile devices and accompanying middleware that can increase cost, complexity and administrative overhead. This white paper provides an independent analysis and detailed comparison of RIM and Microsoft's mobile solution.
Get instant notifications when whitepapers, webcasts and case studies are added
to our library. Sign up for a Resource Alert now!
CSO Corporate Partners
CSO Perspectives
-
April 5-7, 2010Hyatt Regency Santa ClaraClick here for more information!
Santa Clara, California
(ISC)2 members can earn up to 24 CPE Credits!
