Fake antivirus software is one of the most persistent threats on the Internet today, representing almost one quarter of all dangerous links, according to McAfee Labs™. But despite its prevalence, many users don't know how fake antivirus software works and how to spot it. With that in mind, let's take a closer look at this threat so you can avoid becoming a victim.
Fake antivirus software, sometimes called “scareware,” is malicious software designed to steal your money and information by tricking you into thinking that it is legitimate security software. Cybercriminals mostly distribute scareware via Internet ads and popups and through poisoned search results, with the aim of making money–lots of money. In fact, one criminal group managed to make $100 million through fake antivirus scams1.
The scam works by tricking you into believing that your computer is infected with a virus, usually via a popup message. It prompts you to either download “free” security software and run a scan, or purchase their security software for a hefty fee. If you download the “free” version, it will continue to prompt you to buy the paid version.
Once you agree to buy the phony software, the cybercriminals get your money, as well as your credit card information.
Part of the reason that this scam is so successful is that the popups and warnings look like legitimate security messages and many users have trouble identifying them as fake.
The other reason why this scam works is because the crooks are playing on victims' fear that something is wrong with their computer. Once the bad guys have you feeling panicked, it's easier to extract your money and information.
Your best protection is to learn more about fake security software so you can recognize it. Here are some tips to help avoid falling for this scam:
- If you see a message saying that your computer may be at risk, disconnect from the Internet and use the security software already on your computer to run a scan.
- Be suspicious of security messages that are overly dramatic, or inaccurate. For instance, a message might warn that Drive X is infected, and you may not have a Drive X.
- Avoid clicking on any of these known fake antivirus tools: AntiVirus Scan; Anti Vira AV; Smart Internet Protection 2011; AVG AntiVirus; Palladium Pro; Windows Security & Control; System Tool; Fast Disk; Good Memory; Disk Optimizer; Windows System Optimizer; and Windows Utility Tool
- Be wary of responding to popup ads. You may want to enable your browser to block popup windows to avoid dangerous popups.
- Only purchase security software from a trusted vendor, through their secure website or retail outlet.
If you've already been infected by one of these malicious programs, run a security scan using reputable security software to try to locate and remove the program. If you've given away your credit card and other personal information, check your accounts and notify the credit bureaus if you see any suspicious activity. While scareware seems to be everywhere these days, if you take the right precautions and stick with trusted security providers, you should be safe.