Rogue anti-spyware software is a class of bogus software that uses clever techniques to trick consumers into installing software that creates problems and then asks payment to make those problems go away. Software like this is kind of like the Mafia of the Internet – pay us or we’ll continue to pop-up windows and frighten you. Paying these rogue anti-spyware companies is like paying protection money. Once installed, rogue anti-spyware is very hard to remove. Once installed rogue anti-spyware floods your computer with warnings, pop-ups and requests for payment that make your computer unusable. Avoidance, therefore, is the best strategy. In order to avoid getting “infected”, you need to understand how to avoid getting tricked into installing this software in the first place.
One popular method used by rogueware hackers to lure victims is to hide within a valid looking website. I was browsing for news on the recent Tsunami in Samoa, and I chanced upon a valid looking link via Google search. When I clicked on the link, instead of the expected news I hoped to see, I got a warning that my computer is not protected.
Clicking on any of the buttons – Ok, Cancel or the Red X redirects the page to a view that appears to show you a view of your computer in the familiar “My Computer” format with a fake virus scan and various red color alerts. Interestingly a careful inspection actually would have revealed that this is simply some sort of image – in my case the DVD drive was G:, but was showing up as E: here. Nevertheless it does look genuine enough to trick most computer users. Further encouragement in the form of another fake image pops up showing multiple infections and a path to remedying them. These images are completely bogus – my machine wasn’t infected – all of the fake images are a lure for the real trap – getting you to install the rogueware.
Clicking on this image will prompt you to download and run a file. If you have reached this point, STOP immediately. Once you install the software you will need expert assistance to fix your computer.
Since I work for a company (www.support.com) staffed with experts who can remove this type of infection I did exactly what I’m telling you not to do I continued and ran the file. Once Cyber Security (this example) or its variants such as Total Security is installed the rogueware starts to throw various fake alerts every couple of minutes. It gets pretty hard to use the computer from here on! The most popular technique used by rogueware is to generate “pop-up storms” that are so annoying and disruptive you believe the only option is to pay the rogueware provider to make them go away.
If you are seeing such prompts then it is time to get help to remove this rogue software. There is one more step that you will want to avoid though, clicking on remove for example, will open up a set of screens or windows that will lead you to provide your credit card details.
What happens if you enter your payment details? I did not care to find out. But our customer experiences suggest that the warnings do go away. However, the fake anti-spyware software does not really protect your computer. Worse still it has already installed a couple of Trojans/Malware – Trojan.FakeAlert, that is responsible for the alerts and Malware.trace. These Trojans can open the door for other malware to infect your computer down the line. You have given away your credit card details to a fraudster and can never be sure it will not be abused.
If you have already seen this final screen and provided your credit card details, call your credit card company and take protective action immediately. Also, call us at www.support.com and our Solutions Engineers, who by the way have cleaned up thousands of such malicious software, will make sure you are safe.
For reference here are other articles on the support.com blog to help you avoid getting scammed by the hackers:
Posted
Oct 08 2009, 04:44 AM
by
rajaram_kannan@supportsoft.com