The new breed of malicious software known as “scareware” is showing up everywhere around the Internet, infecting thousands of computers every day. Bogus ads designed to scare you into thinking that your computer has multiple virus infections are showing up on thousands of otherwise legitimate websites, conning unsuspecting victims out of their hard-earned cash.
I wrote about some of these scareware schemes last July in an article titled, “I Got Hacked.” You may wish to have a copy of that article on hand for future rescue work, because it describes how to save your computer from a scareware attack. Just last week the process described in the article saved one of my customer’s computers from devastation. Yesterday, I heard from another scareware victim, but sadly, it was too late for them. It seems that every time I turn around, I am talking to another scareware victim.
Bogus scareware ads have been popping up in the most unlikely of places, such as the New York Times website. Scammers, posing as the Internet phone provider Vonage, fooled the Times’ advertising department into placing ads that turned out to be for a scareware product called “Personal Antivirus.” Only after receiving hundreds of complaints did the Times figure out what was going on.
Other websites, such as Newsweek, Fox News, the San Francisco Chronicle and Microsoft’s MSN website have also been duped into serving up scareware ads. According to Microsoft attorney Tim Cranton, Microsoft has even gone so far as to track down and sue five advertisers that they say used ads to “distribute malicious software or present deceptive websites that peddled scareware to unsuspecting Internet users.”
There are a few good ways that you can protect yourself from scareware. One way is to never click on anything that you see in the fake ad. Refer to the “I Got Hacked” article for more details. Another tactic is to set your browser to block popup ads. Popup settings can be modified to suit your needs, but, as a rule, you should block all popups. I also recommend the use of some sort of website filtering software. I wrote an article in June called, “Who Do You Trust.” It describes a browser plugin called “Web of Trust.” Web of Trust is great; get it. Personally, I won’t surf the web or do Google searches without Web of Trust.
Finally, it would behoove you to learn more about your computer, as in, what antivirus program do you use. That way, when you see a popup alert warning you that your computer is infected, you will know whether or not it is coming from an antivirus program that you actually use.
To help folks sort out legitimate antivirus programs from the fakes, the Common Computing Security Standards Forum (CCSS) has posted a list that contains just about every legitimate antivirus program in the world at ccssforum.org/trusted-vendors.php. If you come across an alert from any so-called antivirus/security program that is not on this list, beware!