Google says fake antivirus programs account for substantial fraction of malware
An interesting study by Google finds that 15% of all malicious software on the web is fake anti-virus programs.
People are tricked into downloading these fake anti-virus programs by a message that informs them that their PC is infected with a virus. The program once installed may steal data directly, or tell people to make a payment to register the product. This might lead to credit card information leaking out as well.
The study also noted: “Surprisingly, many users fall victim to these attacks and pay to register the fake [anti-virus software]. To add insult to injury, fake anti-viruses often are bundled with other malware, which remains on a victim’s computer regardless of whether a payment is made.”
The study analyzed 240 million web pages over the past 13 months, and discovered more than 11,000 web domains involved in this sort of fake anti-virus program distribution. The study also found that more than half of the fake software was delivered via advertisements. Scammers also use ‘black hat search engine optimisation techniques”, which guide users – who have searched for a very popular search query – to websites that have a whole bunch of content, and are often ranked very high because of the SEO optimisation.
While Google does try to filter out such booby-trapped websites, the scammers avoid being detected by regularly switching domains.
According to the experts, the best solution for this problem is to “be suspicious”, and not trust any advertisements or virus warnings that are not from the antivirus on their system.