Cybercriminals use fear and anxiety to dupe users into buying rogue security software

21 Oct 2009

Cybercriminals are employing increasingly persuasive online scare tactics to convince users to purchase rogue security software, lulling them into a false sense of security while exposing them to greater information and identity risks.

Announcing the findings of its report on Rogue Security Software, security software maker Symantec Corp said that based on data obtained during the 12-month period of July 2008 to June 2009, the study found that some rogue security software actually install malicious code that puts users at risk of attack from additional threats.

Rogue security software, or ''scareware,'' is software that pretends to be legitimate security software, which provide little or no value and may even install malicious code or reduce the overall security of the computer.

To encourage unsuspecting users to install their rogue software, cybercriminals place website ads that prey on users' fears of security threats. These ads typically include false claims such as: ''If this ad is flashing, your computer may be at risk or infected,'' urging the user to follow a link to scan their computer or get software to remove the threat.

Symantec identified the top five reported rogue security applications as being SpywareGuard 2008, AntiVirus 2008, AntiVirus 2009, SpywareSecure, and XP AntiVirus.

According to the study, 93 per cent of the software installations for the top 50 rogue security software scams were intentionally downloaded by the user. As of June 2009, Symantec says it detected more than 250 distinct rogue security software programs.