Why is Rogue/Fake Antivirus so successful?
This is today's diary entry from the Internet Storm Center from SANS.
It is obvious that the bad guys are making (serious?) money with this scamming scheme. There are a couple of interesting things about rogue AV programs. First, the bad guys here do not use (in most cases) any sophisticated attacks on clients. They instead rely on visitors to wittingly install their "AV program". How do they do this? Through social engineering – they create web pages which are very authentic copies of legitimate screens in Windows operating systems. These web pages make visitors believe that their machine is infected with several malicious programs and that the offered "AV program" can help them clean it.
As it turns out, these scammers produce Web pages that closely resemble Windows' Security Center. But more importantly, security and privacy issues are not usually discussed in the popular media, so most Web users are caught unaware.