Fake Anti-Virus Scareware, the scourge of the Internet

[tweetmeme source=”mikerigsby” only_single=false http://mikerigsby.wordpress.com]

Being as how this is a new year with some of the same old internet malware problems I wanted to take a moment to talk about one of the most common and most often infected on people’s computers but it is also one of the easiest to avoid infection from.

Scareware is semi-malicious software that is designed to scare a user into thinking that they need to purchase their software in order to protect their computers. Generally called Fake Anti-virus software, it pop-ups up right in the middle of your screen while online and says your computer is infected with dozens of viruses. The pop-up cannot be closed by the normal X button in the top corner.

A side note to keep in mind is that legitimate anti-virus software, like Microsoft Security Essentials, Kaspersky, etc, nearly always works ‘behind the scenes’. It scans quietly in the background and removes viruses without a blatant, scary message coming up in the middle of your screen.

It is very well designed software and looks legitimate and looks like it’s busily scanning your computer. It’s generally transmitted by malicious or infected advertising banners on perfectly normal, legitimate websites.

Virus and Malware designers will actually purchase advertising space on legitimate websites in order to spread their malicious software so, contrary to popular belief, you don’t have to be browsing ‘unscrupulous’ websites to catch computer viruses. This software is designed to make you think your computer is infected and then give you the ability to enter your credit card information to purchase their “anti-virus” software to remove these supposed infections.

This not only gives malicious people your credit card information but it is also not true. Either your computer isn’t infected, or even if it was this software doesn’t actually remove anything. To the contrary, this fake ant-virus software actually is the virus.

I’ve attached a couple screenshots of what the scareware will likely look like, although it comes in dozens of different names.

Now for the important information. Avoiding getting infected. These steps aren’t 100% guaranteed to avoid infection but they’ll definitely help.

If you get one of these fake anti-virus pop ups:

1. STOP! Do not click anything in the window, not the X, not an obvious Close button, nothing. At this point the software most likely is only trying to scare you and hasn’t actually installed on your computer.

2. First thing to try is to press the Alt key + the F4 key. This keyboard combination will force close any active windows. Try it a few times in case the first try doesn’t work.

3. If this doesn’t work, right-click on your Start menu, select Task Manager, then on the Applications tab find the entry for your browser and press End Task, repeatedly if necessary. This will crash your internet browser and, hopefully, one of these two steps will help you avoid getting the malicious software actually installed on your system.

Once you’ve done these, hopefully the pop-ups are gone and the next step I would recommend is, if on a work PC call IT to let them know about it and, if at home I would recommend doing a Full scan with your anti-virus software of choice, just to make sure your system is clean.

My personal preference for Anti-virus software is Microsoft Security Essentials. MSE is free from Microsoft, very lightweight on resources, works extremely well and since it is from Microsoft it will maintain current virus definitions through Windows Updates. However, companies like Kaspersky, GFI, Avast, Avira, AVG, Panda all make good antivirus solutions and many of them are free to use. The important thing is to pick something, keep it up to date, and to scan with it regularly.