These icons link to social bookmarking sites where readers can share and discover new web pages.

ScareWare Infects Tens of Millions Yearly

October 26, 2009 by ADMIN · 1 Comment

By Simon Heron, CISSP Internet Security Analyst

For some time, cyber-criminals have been writing and distributing scareware as part of their arsenal in the battle to take control of our computers.

Put simply, scareware programs are designed to frighten people into running malicious software by popping up when the user is online and declaring that viruses/Trojans have been detected and that all the user has to do is run the program they provide to clear up the ‘infected’ system.

Anti-virus provider Symantec have recently released a report which indicates that this practice isn’t going away.

I am always a bit skeptical about how much criminals really earn carrying out virus writing scams.

I suspect the majority could be described as ‘failing businesses’, with a smaller number actually making some money and then selling their technology to those new to the scam.

As users, this doesn’t help us as.

There is still a lot of scareware out there, and many people still falling for it. (Forty-three million in the last year according to Symantec).

So, why are so many of us still falling for this con trick if it’s been around for so long?

Why is it that people will just download from a site they have never heard of, a site which doesn’t appear to specialize in anti-malware, rather than use reputable anti-malware solutions?

One theory is that users are relaxed, at home and feeling secure. Hence their defenses are down, and they will believe anything.

Lack of awareness could also be a issue.

This is difficult for me to believe as all I seem to read about are scams and malware, but then again that is what I do so perhaps it is not surprising.

Another thought is that the message is almost too strong.

That people are aware of malware, and know that they need protection, so when they get told that they are infected they believe it, and want a quick, easy solution which the pop-up box is presenting to them.

Perhaps the initial panic that the user experiences when informed about the ‘infection’, kicks in and drives them to download the first ‘remedy’ available.

Maybe they’re just clicking anything to get rid of the error message.

Logically, users that have a fully updated security suite installed on their system shouldn’t experience the same kind of panic and feeling of vulnerability that would prompt them to click this message.

However, what about those users who don’t have a security solution installed?

For home users, security suites can be purchased for as little as £20 these days. That’s not to mention the legitimate free anti-virus providers that home users can install.

The fact is, people are clicking on these messages and getting infected, which is a problem for all of us.

Perhaps, rather than individual campaigns targeted at certain issues of the moment, the industry as a whole needs to co-operate on a national awareness campaign, highlighting the risks and providing guidelines to the user on how to mitigate them.

* * *

Stay Informed With ISR News Feeds and Email Alerts Here:

Simon Heron has over 19 years experience in the IT industry, including nine years experience in Internet security. During this time he has developed and designed technologies ranging from firewalls, anti-virus, LANs and WANs. Simon has an MSc (attained with Distinction) in Microprocessor Technology and Applications, and a BSc (Hons) in Naval Architecture and Shipbuilding and is a CISSP (Certified Information Systems Security Professional). Prior to Net Caboose, Simon co-founded Network Box Corporation (UK) Ltd and was Managing Director, finally merging this franchise with the parent company in 2006. Before Network Box, Simon joined the British Antarctic Survey (B.A.S.) as science project leader, and spent two Antarctic winters at the research station Halley in the Antarctic, developing and enhancing graphical technologies in the harshest of conditions. Simon also has a company called Net Caboose which deals with Identity and Access Management and is also development house.

Network Box Limited (NBL) is an international managed security services company, specialising in unified threat management (UTM). It continuously defends the networks of its customers using PUSH technology to instantaneously update protection, from 12 Security Operations Centres spread around the globe. NBL’s customers in Asia, Australia, North America and Europe include companies such as BMW, Nintendo and Toyota, as well as banks, utilities companies and government organisations.

The Publisher gives permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author and to Information-Security-Resources.com

These icons link to social bookmarking sites where readers can share and discover new web pages.

Filed under: Breach, D&O Liability, FEATURE ARTICLE, Financial, Insider Threat, Sarbanes-Oxley, Simon Heron, Uncategorized, due diligence, hackers, identity-theft, malware, national security, privacy

Tags: (ISC)2, 2009, access, advice, AlphaInventions.com, Anthony M. Freed, best practices, Breach, breaches, bypass, Caboose, CGEIT, CIPP, CISA, CISM, CISSP, computer, confidential, consumer product liability, control, Costs, CPA, criminal, CSI, cyber security, cyber-crime, cybersecurity, D and O liability, Data, DRI, due diligence, Economy, electronic database, email, file sharing, Finance, Financial, Financial Identity, Financial InfoSec, firewall, fraud, governance, hackers, homeland Security, how to, ID, identity thief, IIA, infection, Infoduciary, Information, Information Fiduciary, Information-Security-Resources.com, InfoSec, infrastructure, ISACA, ISR, ISSA, ITRC, Kevin M. Nixon, law, legal, liability, Microsoft, Microsoft Security Essentials, misuse, MSE, Network Box Limited, News, online fraud, P2P, PC, privacy rights, risk, scams, scareware, Security, Simon Heron, spam, SQL Injection Attacks, stealing data, students, symantec, System, systems, theft, third party, Trojan, tutorial, UK, vendors, Windows, zero day attack

One Response to “ScareWare Infects Tens of Millions Yearly”

Ed (pramatr.com) Says:
October 27th, 2009 at 7:00 am
“So, why are so many of us still falling for this con trick if it’s been around for so long?”

It comes down to lack of education. Not everyone utilises computers in daily/ working life or has the freedom to peruse sites which re-enforce the dangers lurking on the net.

Many people access the internet after a tiring day at work or school and this situation likely encourages users to accept scareware payloads especially if it means they can get back to their website.

Tell us what you're thinking...

Editor's Pick - Best Anti-Spyware Download
Advocacy
- Electronic Frontier Foundation
- Internet Security Alliance
Business Technology
- BizTech - The Wall Street Journal
- Geekfluence
- Information Week
- InfoWorld - Business Tech & IT
- TechPitch
- TechWeb
- Telecom, Security and P2P
Class Action Litigation Resources
- Class Action News Wire
- Class Action World
- Stanford Law Class Action Clearinghouse
Education Infosec
- Educational Security Incidents (ESI)
Financial InfoSec
- A.E. Feldman Blog
- Bank Info Security
Financial Watch
- Bear Market Investments
- BusinessWeek BX
- Footnoted.org - The Fine Print
- MarketWatch
- SeekingAlpha Investor Analysis
- Silicon Investor
- Telegraph UK
- The Deal Economy
- The Mess That Greenspan Made
- The Oxen Group
Government
- Compliance Online
- Federal Computer Week
- Government Computer News
- Government Contracting News Wire
- Government Technology
- GovernmentSecurity.Org
- Homeland Security Watch
- N.I.S.T. Resources
- Obama’s Security Strategy
- Telegraph UK
- US - CERT
Identity Theft News
- I’ve Been Mugged
- ID Experts Blog
- Identity Theft Assistance Center
- Identity Theft Info
- Identity Theft Resource Center
IDG Network
- CIO Online
- ComputerWorld
- CSO Online
- IDG Connect
- InfoWorld
- ITWorld - An Open Exchange
- MacWorld
- NetworkWorld
- PCWorld
- The Industry Standard
InfoSec
- Armit Williams Blog
- Best of Security News
- Bruce Schneier on Security
- C.E.R.I.A.S.
- CERIAS Blog
- CGI Security
- CIO Forum - South Africa
- CISSP
- Cyber Security Institute
- Cyber Strategies
- Didier Stevens Blog
- FireEye Malware Intelligence Lab
- FrequencyX Blog
- Graves Concerns - Subjunctive Blog
- Hack in the Box
- HowUnSecure
- IIA Security Portal - Australia
- Information Security Short Takes
- Insecure Realities
- Laptop Security Blog
- Last In - First Out
- Lauren Weinstein’s Blog
- Mu Dynamics Blog
- Neohapsis Labs
- Oonnoonny
- Risk and Threat Management
- SecuObs - L’observatoire
- Securosis
- TaoSecurity
- The Breach Blog - Evan Francen
- The DarkNet UK
- The Hacker Diaries
- The InfoSec Blog
- The Tech Herald - Security
- Threat Post
- ThreatChaos - Richard Stiennon
Mortgage Industry
- Housing Doom
- Mortgage Lender Implode
Payments Industry
- Merchant Bill Of Rights
- Payment Systems Blog
- Payments News
- PCI Auditor Community Site
- Pin Payments Blog - HomeATM
- Society of Payment Security Pros
- StorefrontBacktalk
- The Merchant Maven
Privacy Rights Issues
- Emergent Chaos
- Info/Law - Harvard
- Pogo Was Right - Privacy News
- Privacy Camp
- Privacy Rights Clearing House
- PrivacyLaw.org
- The Cutting Edge News
Security Breach Aggregators
- Open Security Foundation
Technology and Law
- Computer Crime Research Center
- CTF Legal Blog
- Cyber Crime & Doing Time
- Tech Law Forum
- Technology & Marketing Law
- The Complex Litigator
- Tsibouris & Associates Law Blog
Technology News
- Ars Technica
- Current Tech
- H-Plus Magazine
- Rob the Geek - New Zealand
- TechBlips
ISR News Feed
- Comcast Homepage Hackers Indicted
  By Robert Siciliano, Identity Theft Expert The hackers ages 19 and 20 at the time known as Defiant and EBK from a group calling themselves Kryogeniks. Where they screwed up during their stunt was when they changed the contact information for the Comcast.net domain to Defiant’s e-mail address. Brilliant hackers yet not so smart.
- Telecommuting and Enterprise Security
  By Simon Heron, CISSP Internet Security Analyst Remote working, or working from home, is becoming increasingly popular as companies seek the economic benefits of moving some of its team out of the office, or having employees that are able to log on at home. But, businesses could be exposing themselves to more risk by using remote workers if the process is not properly thought through and monitored.
- Surviving Cyber War: A Primer on DDoS
  By Richard Stiennon, Chief Research Analyst, IT-Harvest Just as markets do a better job of regulating good and bad business practices in rapidly evolving economies, the self interested protection of the security community may be the best response to the scourge of Internet pestilence. Viruses, worms, spam, spyware, and botnets have all changed the Internet and the way organizations use it for profit.
- Cyber Security Red Flags For Insurance
  By Laton McCartney, Editor at CIOZone They start with basic questions: Are you a public company? Have you been in any actual or attempted merger, acquisition or divestment within the past two years? How many employees? What percentage of your revenue is international? From there they hone in on the specific controls and safeguards you have in place to secure your data and IT infrastructure. Here are seven areas that the insurance carriers are looking at...
- Online Money Mules Aide Theft and Fraud
  By Robert Siciliano, Identity Theft Expert Shipping scams are a common tactic criminals use in which they employ mules to receive goods bought with stolen credit card numbers, who then ship to people who buy them in online auctions. The mules in this process are essentially facilitating selling hot goods and money laundering.
- Effective Security Policy Messaging Important
  By Christopher Burgess, Senior Security Adviser Clearly communicate that, in fact, there are secrets. Once employees understand that they have a responsibility to protect the enterprise, the chasm between the security professional and the rest of the staff not only shrinks, it disappears. Far too often, security policies arrive as a reaction, as opposed to a proactive management of risk. Through this process, the enterprise will acknowledge security as forethought, not an afterthought.
- Windows Security Logs and MS Log Parser
  By Bozidar Spirovski, CISSP, MCSA, MCP Reading through a Windows security log or any other log can be very difficult and time consuming, so a lot of companies have created their own tools to analyze windows event logs. But before you start going commercial, there is a tool that will get you going without any cost. Against all odds, it's a tool made by Microsoft!
- ATM on Craigslist Loaded with Card Data
  By Robert Siciliano, Identity Theft Expert I started looking on e-bay and found plenty of new and used ATMs ranging from $500-2500 but quickly determined I didn’t want to pay $300 for shipping. Next was Craigslist, where I quickly found an ad from a bar north of Boston. They were selling pool tables, Budweiser neon signs and an ATM for $750.
- ISAlliance: Cyber Security is Economic Issue
  By Anthony M. Freed, Information-Security-Resources.com Managing Editor "First, the President is correct in his appreciation of the need to view cyber security as not just a technical and security issue, but as an economic one as well. In the 21st century - the digital century - economics and security are opposite sides of the same coin. You cannot affect one without impacting the other." ~ Congressional Testimony
- Innovative Analytic Tool Empowers Investors
  By Anthony M. Freed, Information-Security-Resources.com Managing Editor An innovative new investor analytic tool made its public debut today, and it offers an exciting look at what may well be the future of online trading for both market experts and arm-chair analysts alike. Trefis, named for its focus on trends, forecasts, and insights, is revolutionary in its forward-looking approach to stock analysis which, incorporates a more intuitive look at the relationship between a company's product divisions and its stock price.
- SaaS and the Need for Enterprise Architecture
  Coby Royer, Technical Product Manager for Symplified Acquisition and deployment of real solutions is now within grasp of business owners (seemingly) without the need for conventional IT delivery and support. But many questions may go unanswered without engagement of EA, and latent risks (such as compliance and security) may turn into real issues.
- New IBM Analytics For Business Intelligence
  BY Mel Duvall, Chief Content Officer at CIOZone In its recently released Global CIO Study, IBM found that 83% of respondents identified business intelligence and analytics as the best way to help enhance their organizations' competitiveness. At the company's Information on Demand conference in Las Vegas, IBM outlined a series of new products and services. It includes tools to analyze the increasing volumes of unstructured data found on Web sites, on social networking sites and in digital files.
- Revolving Door of Abuse: Procurement Fraud
  By Michael O'Connor, President of IronClad Consulting Kellogg, Brown & Root (KBR) was responsible for the kickback fraud that occurred in the US v. Khan case, and has been the focus of many other cases of procurement fraud within the LOGCAP project. Since combat operations began in 2001, DCAA has referred to criminal investigators 32 cases of suspected fraud that were associated with all wartime-support contracts. Of those, the vast majority were related to the Logistics Civil Augmentation Program.
- ISAlliance to Testify for Senate Judiciary
  From The Internet Security Alliance Larry Clinton, president of the Internet Security Alliance (ISA), will testify tomorrow at a U.S. Senate Judiciary Terrorism and Homeland Security Subcommittee hearing titled, Cybersecurity: Preventing Terrorist Attacks and Protecting Privacy in Cyberspace.
- Increase Your Information Security IQ
  By Robert Siciliano, Identity Theft Expert People who generally have to much time on their hands read my posts. Or they simply enjoy my train wreck world view. Anyway there are some fantastic resources that I draw from that help me to break down the complicated issues revolving around how to keep the bad guy from draining your bank account. The following make me look good (not to insult them):
- Fifteen More Smart Grid Privacy Concerns
  By Rebecca Herold (The Privacy Professor) CIPP, CISSP, CISM, CISA, FLMI Wouldn't it be a good idea to have privacy certifications for the organizations that are part of the large smart grid and for the smart meters to help ensure they are appropriately addressing privacy and providing households with informed decision-making capabilities for how the information collected from their homes through these devices are used?
- 2010 Defense Authorization Act Spending
  By Richard Stiennon, Chief Research Analyst, IT-Harvest On October 28th President Obama signed into law the National Defense Authorization Act for Fiscal Year 2010. OK, so more people are needed. Now, let’s talk money. How much money is provided in the 2010 Defense Authorization Act for Cyber Defense? A lot.
- What Could Possibly Be Worse Than A Virus?
  By Robert Siciliano, Identity Theft Expert Once a predator uses your Internet connection to go to into the bowels of the web, your Internet Protocol address, which is connected to your ISP billing address, is now considered one that is owned by a criminal. If law enforcement happens to be chatting with that person, who’s using your Internet connection to trade lurid porn, then someone may eventually knock on your door at 3 AM with a battering ram. And in freakish and relatively new twist, hackers can use a virus to crack your network and gain remote control access, and then store illicit porn on your hard drive.
- DLP is Short for Disturbing Lack of Process?
  By Danny Lieberman, Security Expert and Founder of Software Associates The question is not lack of process but whether or not security is being used to help enforce business process in the relevant areas of product safety, customer service, employee workplace security and information protection in business-to-business relationships.
- HITECH Act and Protecting Health Privacy
  By Doug Pollack, Chief Marketing Officer for ID Experts These new regulations come at a time when healthcare breaches are on the rise; according to the 2009 ITRC Breach Stats Report healthcare breaches account for over 66 percent of all records breached this year, up from 20 percent in 2008. In fact, some of the largest names in healthcare suffered data breaches.
Feedback
- The Upside of the Downturn « Business Intelligence | Management Business Wisdom on New IBM Analytics For Business Intelligence
- NerdCast Episode 30 | I Want To Be A Nerd on Ten Common Identity Theft Myths Dispelled
- Brian Carroll on Effective Security Policy Messaging Important
- Vedicsoft Solutions IT Consulting Company | Business Intelligence … | Management Business Wisdom on New IBM Analytics For Business Intelligence
- Taming Business Intelligence for CXOs | CMS Report | Management Business Wisdom on New IBM Analytics For Business Intelligence
- Innovative Analytic Tool Empowers Investors : Information Security … | inversiones inmobiliarias - Zentrica Inversiones on Innovative Analytic Tool Empowers Investors
- securitywhispers » Blog Archive » About smart grid on Fifteen More Smart Grid Privacy Concerns
- Michael Bacon on Fifteen More Smart Grid Privacy Concerns
- uberVU - social comments on 2010 Defense Authorization Act Spending
- Michael Bacon on What Could Possibly Be Worse Than A Virus?

Information Security Resources

ScareWare Infects Tens of Millions Yearly

Business

Editor's Pick - Best Anti-Spyware Download

Advocacy

Business Technology

Class Action Litigation Resources

Education Infosec

Financial InfoSec

Financial Watch

Government

Identity Theft News

IDG Network

InfoSec

Mortgage Industry

Payments Industry

Privacy Rights Issues

Security Breach Aggregators

Technology and Law

Technology News

ISR News Feed

Feedback