Tech – for Everyone

Tech Tips and Tricks & Advice – written in plain English.

Your Computer Is Lying To You… The Epidemic Of Rogues

You Click On A Search Result, And A Screen Tells You An Infection Has Been Detected…

There currently is an epidemic of fake anti-malware software on the Internet– which is collectively called “rogue anti-malware” (aka “scareware”). These fakes are, in fact ‘marketed’ under hundreds of different names, such as “Internet Security 2010”, “Online Scanner”, and “Antivirus XP 2009”.

At our current state of Internet insecurity, you will see one of these scans pop open… if you haven’t already.

This ‘rogue’ software scares people by giving false “a virus has been detected!” notifications, and then tries to deceive them into using a credit card and paying for removal of of the non-existing “infection”.
Worst part is, many are designed to appear to be legitimate products.. professionally packaged/presented, with “customer testimonials”, etc.

The Internet’s “shadow economy” of cybercrime is worth over $105 billion. Online crime is bigger business than the global drugs trade¹. No country, no person, no business and no government is immune from CyberCrime.

This video (produced by the good folks at WOT) shows what happens when a legitimate Web site gets infected and redirected to one of these bogus anti-malware scams.
(Yes, folks, legitimate websites are being ‘hacked’. It’s known as “poisoning”. And search results links are being hijacked. And the cybercriminals can afford to pay for advertising and appear in search results that way too..)

The *people* behind this scourge use many different ways to try to entice you to click – realistic looking pop-up windows appear, offers of “free trials” arrive in e-mail, and “free scan” buttons on legit-looking ‘fight malware’ websites.. the means are quite varied! There’s even some that put a red shield icon in your System Tray (down by the clock) and mimic a Security Center alert.

As this video shows, the user is tricked into (scared into, really) providing their credit card #  to clean infections that weren’t there before they clicked and aren’t really there now.
* The ‘false positives’ are not “cleaned”, BUT, more adware and spyware is installed.
* A good percentage of my calls at Aplus Computer Aid are folks needing help with getting rid of these ‘rogues’. Because these clever programs use the latest techniques to combat removal, and it can be quite tough — if not impossible — to truly remove them.. without formatting your hard-drive.
* For more, please read Is that anti-spyware program really spyware? and Bill Mullins’ How Fake/Rogue Software Affects Real People
* One Website dedicated to combating this epidemic is Spyware Warrior. It has a pretty good list of known rogues, and much more detailed information. Another excellent resource is Bleeping Computer.
* I have written several How-To’s on protecting yourself from malware, and how to clean your machines as well. Click here to see those titles.

¹ From the new MessageLabs whitepaper. (This eye-opening report provides a disturbing look into the ‘dark’ world of cyber-crime. This link is the online version.. you need to scroll a bit..)

Today’s free download: WOT is a free Internet security add-on for your web browser. It will help keep you safer from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky Website. It’s easy and it’s free.

  • So easy a child can use it
  • Ratings for over 20 million websites
  • Downloaded 3 million times
  • The WOT browser add-on is light and updates automatically
  • WOT rating icons appear beside search results in Google, Yahoo!, Wikipedia, and webmail – Gmail, Hotmail, Yahoo!
  • Settings can be customized to better protect your family
  • WOT Security Scorecard shows rating details and user comments

In case I wasn’t clear:
1) The alerts are fake. The scans are fake. The results are fake. Don’t fall for it.
2) For you to even see these scans, your machine has been attacked, and you should start a virus removal process immediately.. and/or get help.
3) Epidemic? You bet! Thousands of websites get poisoned each week, and the cybercriminals create their own bogus websites at the rate of thousands a day.
Oh, yes, almost forgot. A new ‘variant’ of rogue is released onto the Internet roughly twice a week…

Copyright 2007-2010 © Tech Paul. All rights reserved.jaanix post to jaanix

Share this post :

February 10, 2010 - Posted by | advice, anti-spyware, antivirus, computers, cyber crime, hackers, Internet, Internet scam | , , , , ,

6 Comments »

  1. TechPaul,

    These rogue applications are definitely the top problem on the internet right now. As you have mentioned, ridding a PC of one these is becoming more and more difficult.

    This is one of those things that you cannot write about enough.

    Rick

    Like

    Comment by Ramblinrick | February 12, 2010 | Reply

    • Rick,
      You have mentioned here in the past that you have had experiences in removing these ‘rogues’ for friends and family, etc..

      The number of different ways these “pop opens” attempt to trick the user, combined with the near superstitious ignorance with which 90%+ of people have with computers, combined with the belief that their antivirus is a cure-all (after all, it cost $50!), combined with the fact that people have been conditioned to click “OK”, “Next”, etc., make this one of the All Time Great fleecing tools man has ever developed.

      Combine this with the fact that these programs are getting so good at protecting themselves from removal that I – a trained professional with years of experience – cannot remove some of them..
      And it makes one wonder: what chance does the “average computer user” have?
      (Is it any wonder they count the yearly ID Theft victims in the millions?)

      The Internet is seriously broken — and nobody wants to hear it.

      Like

      Comment by techpaul | February 12, 2010 | Reply

  2. can you tell if it is a rogeu from any good antiv let me know and how can i fight it you cant do it so how can i thank you mike

    Like

    Comment by mike | July 30, 2010 | Reply

    • mike,
      I am sorry, but I do not understand you.

      Like

      Comment by techpaul | July 30, 2010 | Reply

      • For the record, I think Mike was trying to ask, “How can you tell if a program is a rogue? Will a good antivirus program identify rogues? How can rogues be fought – since it’s so difficult even for you to do it, how can I? Thank you.”

        Like

        Comment by Anonymous | October 4, 2010 | Reply

        • Sir or Ms,
          Thank you for acting as translator/posing these excellent questions. Let me break them into individual pieces, and try to give relevant pointers:
          1) How can you tell if a program is a rogue?
          There can be several clues.. perhaps the main one is; were you casually surfing the Internet, and some window you’ve never seen before suddenly pops open and tells you scary things? Like.. by magic, it decided to just give you a free, quick scan, and it found ScaryName.Trojan?
          That’s a rogue.
          But if you aren’t sure, Google its name.

          2) Will a good antivirus program identify rogues?
          A good security suite/antivirus (that has ‘active’ shielding) should detect the rogue’s process and shut it down before it does any real harm.
          Keyword: “should”.
          Is there one yet invented that does so 100% of the time. Always. Every rogue? No. The cybercriminals (aka ‘hackers’) write new ones every other day, and employ new tactics weekly. And, no antivirus protects you from you: when you ignore the warning and launch the setup.exe, it’s kind of game over.

          3) How can rogues be fought?
          I have posted advice here – almost daily – on how to surf safely, and how to protect your machines from malware, (there are many other online resources available as well) but to make things simpler, I compiled a Top 10 list (click here) to help.

          Prevention is key. But, should you get infected, there are many self-help resources available, (including a few I have posted) but I sincerely believe that one should enlist the aid of an experience malware removal technician (yes, such as myself) as modern malware truly is “military grade”.
          .. oh yes, one more thing, if you have been infected, whatever protection you had onboard, that installation of it is no longer any good – one of the first things malware does is seek out and cripple your antivirus – and it will need to be reinstalled (or replaced).

          Like

          Comment by techpaul | October 5, 2010 | Reply


Leave a Reply to mike Cancel reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: