Downloading Fake/Rogue Software Hurt$

Being a member of the Blogging community has a major upside. It allows me to have direct contact with a great many other Internet users; many more than I would have the opportunity to communicate with, in any other way.

One of the benefits is the real life issues that other users are dealing with, come to my attention quickly. Overwhelmingly, these issues and experiences are positive, but given the current state of Internet security the negative issues that affect Internet users are an unavoidably part of the package.

Over the last year or so, I have written 40 or more articles concerning rogue security software. Here’s why.

adware 3 There is an epidemic of rogue security software on the Internet at the moment; much of it using social engineering to convince users’ to download an unsafe rogue security application.

Rogue security software uses malware, or malicious tools, to advertise or install itself on an unaware user’s computer. After installation, false positives; fake or false malware detection warnings in a computer scan, is the primary method used to convince the unlucky user to purchase the product.

After all, a dialogue box that states “WARNING! Your computer is infected with spyware! – Buy [XYZ] to remove it!” is a powerful motivator. Clicking on the OK button takes the user to the product download site.

To make matters worst, the installation of rogue security software frequently leads to a critically disabled PC, or in the worst case scenario, allows hackers access to important personal and financial information.

So what does this mean to real people; people like you and me? Let me share with you the following factual stories on the impact that rogue software has on people, brought to my attention by the very people who have been victimized:

Victim #1 - “What do you do if you were duped into buying the XP Antivirus software? Should I take any precautions such as canceling credit card and/or email passwords etc.? Is my home edition of avast! 4.8 Antivirus enough to keep me safe from bogus and/or rogue software???? Please help…my computer is my life! Thank you”.

Victim #2 - “Unfortunately I fell for the “virus attack” after trying to remove it, gave in and bought the XPAntivirus. They charged me not only for what I had bought but charged me again, $ 78.83 for something which I hadn’t ordered, nor ever received. It was a nightmare trying to get in touch with anybody, and I finally connected with a guy with an accent, who told me to E-mail the billing service re: my problem. I wrote them tried to call, it’s been a week, and they still won’t contact me to clarify what occurred. I printed off a purchase order from them when I bought the XP which verifies what I received. Anybody know what state their in, I’ll notify the states attorneys office. These people are crooks”.

banking1

If you are a new computer user or relatively inexperienced on the Internet then the following recommendations are for you.

A good partial solution to the problem is to ensure you have installed, and are running, an anti-malware application such as ThreatFire, free from PC Tools. This type of program operates using heuristics, or behavioral analysis, to identify newer threats.

As well, Malwarebytes, a reliable anti-malware company has created a free application, RogueRemover to help you remove rogue software and to help keep you safe and secure.

A further resource worth noting is the Bleeping Computer web site where help is available for many computer related problems, including the removal of rogue software.

The following recommendations are repeated particularly for new or inexperienced users.

What you can do to reduce the chances of infecting your system with rogue security software.

Be careful in downloading freeware or shareware programs. Spyware is occasionally concealed in these programs. Download this type of program only through reputable web sites such as Download.com, or sites that you know to be safe.

Consider carefully the inherent risks attached to peer-to-peer (P2P), or file sharing applications.

Install an Internet Browser add-on that provides protection against questionable or unsafe websites. My personal favorite is Web of Trust, an Internet Explorer/FireFox add-on that offers substantial protection against questionable or unsafe websites.

Do not click on unsolicited invitations to download software of any kind.

Additional precautions you can take to protect your computer system:

When surfing the web: Stop. Think. Click

Don’t open unknown email attachments

Don’t run programs of unknown origin

Disable hidden filename extensions

Keep all applications (including your operating system) patched

Turn off your computer or disconnect from the network when not in use

Disable Java, JavaScript, and ActiveX if possible

Disable scripting features in email programs

Make regular backups of critical data

Make a boot disk in case your computer is damaged or compromised

Turn off file and printer sharing on the computer.

Install a personal firewall on the computer.

Install anti-virus/anti-spyware software and ensure it is configured to automatically update when you are connected to the Internet

Ensure the anti-virus software scans all e-mail attachments

About these ads

4 Comments

Filed under Anti-Malware Tools, Browser add-ons, Don't Get Hacked, Firefox Add-ons, Freeware, Geek Software and Tools, Interconnectivity, Internet Safety, Malware Advisories, Online Safety, Rogue Software, Software, Spyware - Adware Protection, System Security, Viruses, Windows Tips and Tools

4 responses to “Downloading Fake/Rogue Software Hurt$

  1. Clear. Concise. Irrefutable.

    Another “must read”!

  2. JoWazzoo

    There are many sad parts to this.

    1 – As a person involved with Net Abuse for ~ 18 years, I have made very few $ fighting abuse. How much do the abusers make? It ain’t like the olde days when the occassional Virus landed in your lap from a script-kiddie. Nope – today a criminal purveyor of crimeware/hostageware/rogueware can EASILY make hundreds of thousands to millions of $ a year. This is a problem that will be with us for a good long time. (Unless some brilliant 3l337 d00d like our host comes up with a solution. :-))

    2 – After the warning pop-up pos, pretty much if you click anything you have been had.

    3 – In some cases you don’t have to even click anything – when you land on the site and later a popup tells you that you are infected – no need to click. They already got cha. This is particularly true on Pron sites.

    4 – What do do? The best course of action is to have defenses in place as noted above. BUT – if the pop up pops they are not gonna help you much if at all. So? Pull the plug if necessary. At that point even [ctrl]-[alt]-[del] won’t help in most cases.

    5 – Heed above advice – but IDS/HIPS software is more important than an after the fact scanner. Some firewalls now are starting to add these features.

    6 – While I too love WOT and was an early user, there is a better solution. Major problem with WOT is that it totally relies on user input. Finjan has a system that ties back to their huge database of bad guys. A bit slower than WOT but more accurate. Several others are available – see

    http://www.webuser.co.uk/products/WOT_review_4543-663.html.

    ch33rs JoW

    • billmullins

      As usual Jo, another great comment. You have made some very important
      points.

      I disagree however, with your assessment of WOT. WOT, in fact, combines user
      ratings with data obtained from negative sources such as phishing, malware,
      and spam blacklists, and of course, positive sources such as del.ici.ous,
      Digg, or Wikipedia.

      With over 200,000 weekly downloads and 4,000,000 total downloads at Mozilla
      alone, I think WOT has established itself as a premier Browser security
      add-on.

      Bill

      *216,073* weekly downloads
      *3,980,852* total downloads

  3. JoWazzoo

    HHmmm …..

    Well – as usual ur right :-)) Ignorance on my part. (You a member of their BOD?) Some points you made in follow-up I was unaware of. But hey !! I said I love it. And you disagree? :-))

    OK – Out of the 5 systems that I am aware of, WOT is BEST. Butttt … I have seen a LOT of misques/false positives by WOT. ** Below

    Note – I always defer to my elders particularly when they have a beard.

    Ch33rs,

    JoW

    ** I do not put McAfee Advisor in the same league. The others are so-sos.