September 17, 2009

Why is Rogue/Fake Antivirus so successful?

Why is Rogue/Fake AV so successful?

This is today's diary entry from the Internet Storm Center from SANS.


It is obvious that the bad guys are making (serious?) money with this scamming scheme. There are a couple of interesting things about rogue AV programs. First, the bad guys here do not use (in most cases) any sophisticated attacks on clients. They instead rely on visitors to wittingly install their "AV program". How do they do this? Through social engineering – they create web pages which are very authentic copies of legitimate screens in Windows operating systems. These web pages make visitors believe that their machine is infected with several malicious programs and that the offered "AV program" can help them clean it.


As it turns out, these scammers produce Web pages that closely resemble Windows' Security Center. But more importantly, security and privacy issues are not usually discussed in the popular media, so most Web users are caught unaware.
