Fake Security Software Scammers Nabbed by FBI



06/23/2011




Kevin R. Smith
Co-Editor


By now most of us have seen the scareware, fake antivirus software (like MacDefender), and other scams that play on people's fears.

In nearly all cases, the ads look like legitimate error messages from our computers; in one case, a fake hard-drive-failure ad was made to look like a real error message from Windows.

Bleh.

Whatever the case, and whatever they look like, there will be a few fewer of them now: in no fewer than twelve countries (including the U.S. and the U.K.), the FBI and other local law enforcement folks have raided and shut down one of these malware/scareware gangs.

The BBC has some details of the FBI raid on the fake security software gang, but the FBI's own press release has even better info on how they disrupted international cyber crime rings distributing scareware.

Here are some of the best details:

"The first of the international criminal groups disrupted by Operation Trident Tribunal infected hundreds of thousands of computers [emphasis mine] with scareware and sold more than $72 million of the fake antivirus product over a period of three years.

"The scareware scheme used a variety of ruses to trick consumers into infecting their computers with the malicious scareware products, including web pages featuring fake computer scans.

"Once the scareware was downloaded, victims were notified that their computers were infected with a range of malicious software, such as viruses and Trojans and badgered into purchasing the fake antivirus software to resolve the non-existent problem at a cost of up to $129.

"An estimated 960,000 users were victimized by this scareware scheme, leading to $72 million in actual losses.

"Latvian authorities also executed seizure warrants for at least five bank accounts that were alleged to have been used to funnel profits to the scam’s leadership."

The most important part of this quote is, "The scareware scheme used a variety of ruses to trick consumers into infecting their computers with the malicious scareware products, including web pages featuring fake computer scans."

Which means the bottom line is that this is not a case where a worm or virus is spreading itself onto people's computers.

Instead this is an old-school con job. Plain and simple.

And, they were good at it, too, given that nearly a million people fell for it.

This type of malware is very, very, very difficult for regular antivirus software to detect, but it is one place where Internet Security Suites and "Premium" versions can offer an advantage.

The ISS/Premium versions typically include malicious website filtering/blocking, so if you try to go to one of the malware sites while you're running Internet Security Software, the Security Suite can often help protect your PC from infection when someone tries to trick you into installing scamware.

No, website filters aren't perfect, but between the website filtering in an ISS and your web browser--assuming you're using a good, modern browser and its malicious site filters are turned on--you do at least stand a fighting chance.
