Monday, October 19, 2009

Fake security software 'installed on millions of PCs'

Symantec has warned that millions of computer users have been duped in to installing fake security software on their machines

Some cyber criminals are earning more than £750,000 each year from the scams, which see computer owners tricked in to downloading and installing fake antivirus software on to their machines, believing they're protecting their PC from hackers.
In fact, the downloaded software often provides cyber criminals with a "back door" in to the machine, which they can access remotely, while the transaction process itself means that a computer user has unwittingly shared their credit card details with fraudsters.
Security experts at Symantec estimate that around 40 million people worldwide have fallen victim to these scams in the last year. The firm has identified more than 250 versions of this software, known as "scareware".
Symantec said that scareware vendors go to great lengths to initimidate and trick web users in to purchasing this malicious software. They use pop-up adverts, designed to look exactly like legitimate alert messages from reputable antivirus companies, to lull web users in to a false sense of security. These boxes often appear when users switch between programs and websites, warning the user that their computer has been compromised and is at risk unless they immediately install tools to protect it.
"Lots of times, in fact they're a conduit for attackers to take over your machine," said Vincent Weafer, Symantec's vice president for security response.
"They'll take your credit card information, any personal information you've entered there and they've got your machine," he said. Hackers with always-on remote access to a machine could use that connection to harvest details of bank logins or other security codes, or even pull the computer in to a giant "botnet", a network of compromised machines that send out spam messages, or help to propagate the spread of viruses, unbeknown to the computer user.
"In terms of the number of people who potentially have this in their machines, it's tens of millions," he said.
Security experts have warned computer users not to buy antivirus or security software from unsolicited pop-up adverts, but to ensure that they buy such programs directly through the official website of antivirus companies, or on CD from their local computer shop.

No comments:

Post a Comment