Consumer Threat Alerts
Are you aware of the latest threats? McAfee Consumer Threat Alerts warn you about the most dangerous ...
Fake antivirus and anti-spyware software, or “scareware”, now represents 23% of all malware in circulation, McAfee warns
Forget ghosts and goblins, what you should really be scared of this Halloween is “scareware.” It’s a trick that cyberscammers have been using to rake in hundreds of millions of dollars each year – and it’s no treat for computer users!
In fact, of the 150,000 dangerous links detected, between March 2009 – May 2010, 23% were designed for distributing scareware. Scareware tricks you into believing that your computer is infected with a virus, and prompts you to purchase fake antivirus or anti-spyware software to fix the problem. It is a particularly insidious threat since it looks like real antivirus software and can trick even savvy Internet users.
This scam has been around for some time now, and it’s not going away. Using scareware, cybercriminals can achieve two goals—infecting your computer with malware or even obtaining your credit card number.
Scareware has become such big business for cybercrooks that they are now creating elaborate business operations to propagate their scams, such as setting up multinational corporations, frequently changing names and web addresses, and even offering customer support hotlines to deceive victims.
Given that fake antivirus products are so widespread, you should be on your guard and learn how these scams work, and how to avoid them.
The Hook: Scammers scare Internet users into purchasing fake security software. The goal of the cybercrooks is to get you to provide your credit card information and give them access to your machine.
(If you haven’t already seen it, here’s a video of one scareware victim in Los Angeles, describing what it was like to lose personal information, and thousands of dollars to a scareware scam.)
1. Scammers send you a pop-up message, alerting you that your computer might be infected with a virus.
2. The pop-up may prompt you to run a phony security scan which downloads malware onto your machine. Or, it may tell you that you have a virus and need to download software to get rid of it.
3. The security software they offer is either “free” or costs money. Either way, it comes at a hefty price.
4. If you download the “free” software, it will download malware onto your machine and continuously prompt you to “upgrade” to the paid version.
5. If you enter your credit card details and download the paid version, the cybercrook has your information and money, and your computer is infected.
The Dangers: If you click on the pop-up to allow a scan or software download, your machine is infected with malware—usually spyware that secretly collects your information. If you agree to “buy” the software the cybercrook has your money and information.
Bottom Line: Never download security software through a pop-up window, banner ad or suspect website, even if you are being alerted that your machine is not safe.
Tips to Avoid Becoming a Scareware Victim:
1. Remember that this scam is designed to look like legitimate security software. Be on your guard. You may want to select the “pop-up blocker” on your browser to avoid dangerous pop-ups.
2. Only purchase security software from a trusted vendor. Go directly to their secure website, or an official retail outlet.
3. Investigate the company that sent you the pop-up before purchasing its software. Look for a trustmark on the website, indicating that the site has been verified as safe by a trusted third-party, and read customer reviews.
4. If you get a message saying that your machine may be infected, run a security scan with the security software from the vendor you trust.
5. If you’re worried you may be a victim of the scam, scan your computer for free using McAfee Security Scan Plus.
Tips on What to Do If You Have Become a Victim:
You’re a victim, now what?
1. Run a security scan using a comprehensive and trusted security product to detect any malicious software that may have infected your machine.
2. If you have given your credit card information to the scammers, immediately call your credit card company to report the issue and place a hold on the card.
3. Contact the Cybercrime Response Unit at www.mcafee.com/cru, an online help center for advice and technical assistance, if you think you’ve been a victim of a cybercrime.
4. You can protect your computer from these types of threats in the future by installing a complete security software suite that includes anti-virus, anti-spyware, and firewall protection, such as McAfee Total Protection™. Ensure that your software is always up to date (enable the “auto-update” feature) and perform regular scans.