When it comes to antivirus protection, you really need to stick with known and tested products. If you get an offer for a free antivirus scan and you don’t recognize the product, it may well be a scam. Some rogue security utilities are actually Trojans—they pretend to be useful, but secretly steal your data or otherwise make trouble. Others ape real security software and try to scare you into paying money to clean up problems that don’t really exist. For that reason, they’re often called scareware.
Don’t Buy It!
This is a growing problem, and it’s your fault. If absolutely nobody installed these programs, the bad guys wouldn’t be able to keep going. They’d find some other scam. As it is, plenty of people shell out $29.99 to register these frauds. It’s not a Madoff-level scam, but some of them are doing so well they even offer tech support. No kidding! The first they’re likely to tell you is “First, remove any existing security software…”
These rogue programs may copy user interface elements from real malware protection programs; the multi-color Windows security shield is especially popular. They often use names that sound like the real programs that you’ve heard of. Some years ago, poor grammar and spelling often blew their cover, but those currently active are much more refined.
How can you avoid getting scammed? If a security program that you never installed pops up with a dire warning, that’s a clue that you’ve been scammed. If it’s really, really hard to close the program or get out of the registration process, there’s another clue. The biggest giveaway is often their incredibly fast virus scanning. Since there’s no real scanning going on the programmers can make it as fast as they want.
Just look at the screenshot below. This rogue antivirus claims it found 489 issues, but they’re all innocuous temp files and such. What it did not find were the dozens of malware samples present on the test system. Not one!
I should point out that some legitimate programs work in a similar fashion. You can scan for free, but you must pay if you want the antivirus to take action. PC Pitstop PC Matic is an example. But in testing, its scan took more than an hour, and only quarantined actual malware. That’s a far cry from the near-instant (and useless) scareware scans.
Writing a ransomware program is tough. You have to devise code that encrypts the user’s files, hides from antivirus programs, and (if you’re an honest crook) transmits the decryption key to you once you’ve paid the ransom. Writing fake ransomware is a snap, by comparison. And the ransomware protection utilities that face down the real thing don’t bother with the fakes.
The typical fake ransomware webpage has a big, scary warning that you are in trouble, perhaps for viewing porn. It demands payment of a fine through some untraceable currency, maybe Bitcoin, maybe a gift card. And if you try to leave the page or close the browser, you just get a message that the browser is locked. Don’t worry; it isn’t.
Web developers can configure pages to pop up a notification when you leave, asking whether you really want to leave. The perpetrators of these fake ransom pages just leverage that simple technology, and take away your option to actually leave. All you need do to call their bluff is kill the browser using Task Manager.
Fraudsters don’t just create fake programs to scare you into paying for non-existent malware cleanup. Some of them call you on the phone, warning that your computer is spewing viruses, or that your personal data may have been compromised. They may claim to be from Microsoft—trust me, Microsoft is notgoing to call you. And they want you to pay via credit card to have them remote-control your computer and fix the problem. What a nightmare!
Another scam that’s going around arrives as a threatening email. The sender claims to have recorded your visits to porn sites and other unsavory web locations, then threatens to make the recordings public unless you pay up. The ransom tends to be steep; I got one asking for $3,000. Most people can laugh this one off. However, according to a Webroot study, 44 million Americans regularly visit porn sites. Those folks might worry a bit.
Before you consider paying money for any security program, check for reviews on reputable sites like PCMag.com. Watch out for shill sites with fake reviews set up by the roguesters themselves. Carefully peruse PCMag’s roundups of best antivirus programs. Armed with the information you’ll find there, you can make an informed choice, free of scareware worries.