Fake Antivirus Programs are the new Viruses

Bye-Bye Anna Kournikova!  It’s been ages since someone told us that they got a virus on a computer by opening an email someone sent them.  For the most part, computer users have figured out what emails they can safely open, and what’s a hoax.  Thankfully, it seems that email hackers can’t spell, and that usually tips us off…


But there’s a new breed of cyberpunk, and this one is outright criminal.

Fake antivirus programs which trick the unwary of their hard earned money are among the fastest growing threats in cyber space.


According to a report by Kasperksy Lab called “Rogue Antivirus: A Growing Problem”, there are now more than 30,000 programs that pretend to be anti-virus programs spreading across the Internet, with between 10 to 20 new rogue programs being discovered every day.  This is in comparison to only 3,000 such rogue programs in the first half of 2008.

According to the author of the report, Mr Vyacheslav Zakorzhevsky, senior malware analyst with Kaspersky Lab, these rogue antivirus programs are increasingly popular with cybercriminals.


“The massive increase in the number of rogue antivirus programs suggest this is a very profitable business for cyber criminals.  The scare tactics they use increase the likelihood of success.”


“The rogue antivirus can be downloaded onto a user’s computer by Trojan-Downloader or it can come from visiting an infected website.”


“More often than not these programs are downloaded by the users themselves.  Cyber criminals use Hoax programs or adverts to trick users into doing this.  Hoax programs are a type of fraudware designed to persuade users they need to download a particular antivirus solution which will be installed on the victim’s machine even if the user declines the offer”.


“The unsuspecting user is then warned that their computer is under threat and told they need to pay money for the solution.  But the solutions are bogus, and the user gets nothing and the criminal the money,” Mr Zakorzhevsky said.


A huge percentage of the viruses that we remove are of this “fraudware” nature.  Here are some tips to avoiding them.


1)      Know the brand of antivirus software you have on your computer.  If you get a notification from an apparent antivirus program that you’re not familiar with, assume it’s a fraud.

2)      Close “fraudware” with the Task Manager (opened by hitting ctrl-alt-del), or by right clicking the icon down in the task bar.  Quite often clicking anywhere in the window of the “fraudware” is enough to install it.

3)      Note the website you were trying to get to when you were presented with the “fraudware” and avoid it in future.  It’s been hacked.