Watch out for the "scareware" scam

[PatchGirl]

The BBC warns us today that online criminals are making millions of pounds by convincing computer users to download fake anti-virus software.

Symantec, an internet security expert, says more than 40 million people have fallen victim to the "scareware" scam in the past 12 months.

The download is usually harmful and criminals can sometimes use it to get the victim's credit card details.

The firm has identified 250 versions of scareware, and criminals are thought to earn more than £750,000 each a year.

There's seems to be no end to the amount of scams flooding the Internet but this has to be one of the worst. Identity theft is a major concern and cyber criminals could cause use mass scale financial destruction in a very short time if they have your credit card details. Vigilance must be the name of the game.

We're continually being warned to exercise care when opening emails from people we do not know as they could infect our machine. Now we also need to ensure that anything we download is from a reputable company.

Have you fallen foul to a cyber scammer? How can we ensure our personal details really are secure when we make a purchase over the net?

[The SMG]

you've got to be pretty darn silly to fall for something like this. Mind you, I did get royally screwed over by next.co.uk last week so it can happen to the best of us

G

[hugo@gabem]

There are a number of these floating around, ranging from the basic and annoying to some that are approaching art in their integration and complexity.

My mother recently (despite all the advice and safeguards I gave or put in place) managed to get her PC infected with one of these - inevitably from Facebook. It's of the basic and annoying variety (it still does the job), and comes with a separate auto downloader, so even if you get the worm it tends to re-appear. She's cancelled the card she uses for computer purchases and I am currently mulling over whether to bother trying to get rid of just the worm or just start afresh with a clean install.

Best advice I have is take the same precautions you would when clicking on strange email links (hopefully you don't), install Chrome (and removing obvious access to other browsers) if you have people that are prone to poor internet hygiene, and keep your PC fully updated.

A lifehacker article today in fact has 5 good update tools: Five Best Software Update Tools - software updates - Lifehacker

As an aside: The best one I have seen was just superb, better integrated with windows than any program I have ever seen, no poor English, attractive professional graphical design work, and a pain to remove, it was relentless (there are now procedures to remove it). Whoever did it could have easily gotten a good job as a programmer (although it would probably have paid less).

[The SMG]

nice one Hugo. Cheers

[hugo@gabem]

Quote:

Originally Posted by The SMG

nice one Hugo. Cheers

Thanks very much, and in answer to who falls for this sort of thing: two of the people I have seen get infected by the really impressive one were friends of mine both of whom were very competent IT professionals.

Okay they were using IE which I view as an obvious error, but they were otherwise careful and up to date. We believe they were served through a flash advert (keep flash updated folks or just block the hell out of it if you can) so no clicking or anything from them. It wasn't even an obvious bad area of the internet, for one of them it was an internet games magazine.

[Vaseline]

Quote:

Originally Posted by hugo@gabem

Thanks very much, and in answer to who falls for this sort of thing: two of the people I have seen get infected by the really impressive one were friends of mine both of whom were very competent IT professionals.

Okay they were using IE which I view as an obvious error, but they were otherwise careful and up to date. We believe they were served through a flash advert (keep flash updated folks or just block the hell out of it if you can) so no clicking or anything from them. It wasn't even an obvious bad area of the internet, for one of them it was an internet games magazine.

really? I'll need to keep my wits about me. Like SMG says, I always thought these types of scams caught the ignorant, not your average techno savvy contractor.

I take your point about IE.....absolutely useless.

V

[hugo@gabem]

Quote:

Originally Posted by Vaseline

really? I'll need to keep my wits about me. Like SMG says, I always thought these types of scams caught the ignorant, not your average techno savvy contractor.

I take your point about IE.....absolutely useless.

V

Being caught by the scam would be paying for the software they are pretending to sell. Being served malware via flash ad is just being in the wrong place at the wrong time.

I don't want to mislead you, if you are fully updated and careful the chances of getting infected are remote (I haven't had an issue in years despite the occasional scare), but it can still happen.

If you're up to date and taking reasonable precautions (one friend of mine has a PC running from a Linux live CD which I think exceeds reasonable) you are doing as much as you can. If someone has found a way to load malware into a webpage directly or through advertising, you're unlikely to know until it happens.