Tips to avoid being bit by CryptoLocker (and what to do if you are)

InfoSec Institute's Kim Crawley details CryptoLocker, the latest in scareware, and offers suggestions for avoiding infection

As early as 2007, if not earlier, Windows users encountered the very first rogue antivirus programs. Even today, end users are easily fooled by this vicious type of malware.

Developers of rogue antivirus programs usually put a lot of effort into creating GUIs that resemble legitimate antivirus programs or OS components such as Windows Defender.

Contrary to popular belief, rogue AVs aren't exclusive to Windows. In May 2011, the first rogue AV for Mac OS X was discovered. In June of this year, the first Android rogue AV was discovered. If rogue AVs for Linux distros, other Unix/BSD distros, iOS, BlackBerry and Windows Phone don't already exist, they're inevitable.

Because Mac users and mobile device users frequently believe that they're "immune" to malware, rogue AVs for those platforms may be even riskier than the first ones for Windows.

I've never encountered rogue AVs as a user. As an IT security expert, web developer, and occasional white hat "skiddie" (script kiddie), I should know better, so I do. I first encountered rogue AVs while providing remote support to Windows users all across the United States. And, oh boy, did I ever see them a lot back then. I swear, nearly a quarter of my support tickets involved ridding user machines of rogue AVs.
