Welcome to our blog page. Please let us know what you think. You are the reason we have this site and the reason Arr-Tek Solutions exists.

Fake antivirus is one of the most frequently encountered threats on the web today.

 Also known as rogue antivirus, rogues, or scareware, fake antivirus uses social engineering to lure users to malicious sites and scare them into paying for fake threat removal tools.

What is fake antivirus?

Fake antivirus is fake security software which pretends to find dangerous security threats—such as viruses—on your computer. The initial scan is free, but if you want to clean up the fraudulently-reported “threats,” you need to pay.

This class of malware displays false alert messages to computer users concerning threats on their machines (but these threats do not really exist). The alerts will prompt users to visit a website where they will be asked to pay for these non-existent threats to be cleaned up. The fake antivirus malware will continue to send these annoying and intrusive alerts until a payment is made or the malware is removed.

Why is fake antivirus so popular among cybercriminals?

It is a huge revenue source. Compared to other classes of malware such as bots, backdoor Trojans, downloaders and password stealers, fake antivirus draws the victim into handing money over directly to the malware author. Victims typically pay around $120 via credit card to pay for the junk software that will supposedly fix the problem.

Fake antivirus is also associated with a thriving affiliate network community that makes large amounts of money by driving traffic toward the stores of their partners. Individual affiliates can quickly generate income because distribution networks pay affiliates between $25 and $35 to simply do “lead generation” by infecting additional computers.

Typical signs of infection

Fake antivirus usually uses a large array of social engineering techniques to get itself installed. Campaigns have included:

Fake Windows Security Updates

Fake Virus-Total pages

Fake Facebook app

9/11 scams

Once on a system, there are many common themes in its behavior:

Popup warnings (See Illustrations on the right)

Fake scanning

The fake antivirus will typically pretend to scan the computer and find non-existent threats, sometimes creating files full of junk that will then be detected.

Fake antivirus uses an enormous range of convincing names to add to the illusion of legitimacy, such as:

•  Security Shield
• Windows 7 AntiVirus
• Windows XP Recovery
• Internet Defender
• PC Security Guardian
• BitDefender 2011
• AntiMalware Tool
• XP Security 2011
• Windows Antivirus 2011
• XP Antivirus 2011
• MacDefender
• Windows 7 Recovery
• Windows PC Tools
• Mac Security
• Smart internet Security

There can be many thousands of variants for each of these.

In the coming weeks, I will show how to combat these "rogue" programs. What to be on the lookout for, and preventative steps you can do to battle them.

As with anything you do online, use common sense, if it sounds too good to be true....it more than likely is. If it sounds really ridiculous, or out of touch....it probably is.  Awareness is half the battle, being cautious keeps us safe and sane!

Patrick

 * * Sourced from:

 Sophos copyright 2011,

 AVG by Grisoft 2011,

 ComputerGuys 2011