Beware of scareware

So there I was, minding my business this morning, browsing through the Cheezburger family of sites using Firefox, when all of a sudden I get a warning from Ad Aware that there’s a suspicious process (a keylogger) running on my computer and that it was running a scan in the background.

Of course, it wasn’t really Ad Aware telling me that. It was something calling itself XP Antimalware. (It’s hard to keep track of its various names but that’s the one it used on this occasion.) It really gave itself away when it popped up a fake Windows Internet Security window with completely wrong settings. It’s an interesting little bugger. It’s what’s known as a “rogue scanner” or scareware, which is an anti-virus or anti-spyware program that attempts to trick you into buying a full version of the program by popping up numerous warnings that your system is infected. It also sort of highjacks your existing anti-virus or anti-spyware programs — I couldn’t run Ad Aware from the Start menu, for example, because XP Antimalware would start running instead. Stopping the process in the Windows Task Manager and then clearing my cache and running Spybot cleaned up everything.

I have to reluctantly admire the manufacturers of the program. It mimics Windows messages and dialog boxes really well, which is why they are so successful at making money at this. People no doubt panic slightly when they see the initial message, and then even more so as the fake scanner pops up and lists dozens of infected files on their computer. And in their panic, they agree to buy a license for the scareware program.

The lesson to be learned from that is that people really need to be more aware of what their legitimate anti-virus, anti-spyware, and security programs look and behave like…and don’t click anything that you don’t recognize.

Advertisements

One thought on “Beware of scareware

  1. I always find it funny when you get error messages like that which don’t match your browser or OS.

    I can’t imagine how anyone remotely sane can browse the Cheezburger sites without NoScript and/or similar add-ons installed. It used to be that just visiting the site would crash my browser.

    – RG>

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s