Skip to main content

What’s Protecting Millions of Computers? Fake Security Software

Symantec Logo
Image used with permission by copyright holder

By now most savvy Internet users have seen popups and other advertising warning that their computer is infected with a worm or a virus, but for a small fee and a quick download, that problem can be cleared right up! Unsurprisingly, these “scareware” offers are scams, hoping to dupe unwitting users into turning over money for what’s (at best) useless software. At worst, users may be literally paying to install software that compromises the security of their computer or even lets remote attackers take over the machine.

Sound far-fetched? Not according to a new report (PDF) from Symantec: the company’s new Report on Rogue Security software says that in the year between July 1, 2008, and June 30, 2009 Symantec received a whopping 43 million reports of attempted installations of fake security programs. Moreover, during the same period 250 such programs were detected in the wild, and 38 of the top 50 programs were around before July 1, 2008, suggesting these applications have a life cycle far longer than the typical trojan horse, worm, or virus.

Symantec didn’t have any way to know—and hasn’t offered any figures—for how many of those installations may have been successful, but the company reports that some 93 percent of the software installations for the top 50 rogue programs were intentionally downloaded by users—meaning most of the 43 million-or-so users who download these things were successfully duped.

Many of the fake security programs are priced from $30 to $100, with a great deal of the marketing for the products being done by middle-man affiliate partners who typically earn between 1 and 50 cents per successful download. The most successful “master sites” for bogus security software seem to have been Bakasoftware, TrafficConverter, and Dogma Software. Although TrafficConverter was shutdown in November 2008 (as part of the pursuit of the Downaup worm), the site claimed to have as many as 500 affiliates for distributing bogus security software, with top performers earning over $300,000 per month for getting Internet users to install the software.

Symantec urges Internet users to only use reputable, validated security software. In addition, users can reduce their risk by avoiding clicking on links in email messages, never opening email attachments from unknown sources, and being wary of popup and banner advertisements that mimic system dialog boxes and displays.

Geoff Duncan
Former Digital Trends Contributor
Geoff Duncan writes, programs, edits, plays music, and delights in making software misbehave. He's probably the only member…
You’ll never guess what hackers are using Microsoft Calculator for
A depiction of a hacker breaking into a system via the use of code.

Hackers have found an unusual and unconventional method to infect PCs with malware: distributing dangerous code with Windows Calculator.

The individuals behind the well-known QBot malware have managed to find a way to use the program to side-load malicious code on infected systems.

Read more
Update Google Chrome now to protect yourself from an urgent security bug
Google Chrome app on s8 screen.

Google posted a security update for its Chrome browser that fixes what's known as a zero-day bug. The problem affects Chrome on Windows, Mac, and Android. The flaw can lead to arbitrary code execution, a serious security vulnerability, so it's best to download and install the latest version immediately. Zero-day bugs mean that this is a known weakness and, in this case, Google said that the flaw is already being exploited by hackers.

Google did not post a detailed explanation of how the exploit works, but will do so when the majority of people have updated, making the danger of further attacks less severe. The most severe bug is identified as CVE-2022-2294 and the update also patches CVE-2022-2295 and CVE-2022-2296.

Read more
Get total protection with Trend Micro Premium Security Suite
trend micro premium security suite deal lifestyle

Almost everything we do today is connected to the internet, from our cars to our televisions. The recent increase in remote work and study has only added to our dependence on the web, but students and professionals aren't the only ones who have been busy online -- cybercriminals and other bad actors have also taken full advantage of the fruits of our digital age, and it's more important than ever to take steps to protect yourself and your family from today's threats. Thankfully, you don't have to hire a professional or shell out a small fortune to get a comprehensive software solution: Trend Micro's Premium Security Suite does it all for you, and for a limited time, you can sign up and grab a one-year subscription for more than 50% off.

Trend Micro has a pretty wide umbrella of security apps, and its Premium Security Suite is the company's most comprehensive package. It consists of six modules, each of which acts as a barrier against specific threats to give you multi-layered protection against viruses, spyware, identity theft, and more. For on-device protection, Trend Micro's Premium Security Suite has you covered with its Maximum Security and Mobile Security apps. These protect your Windows, Mac, and Chrome OS computers as well as Android and iOS mobile devices against malware such as viruses, spyware, and ransomware. These also provide real-time security for your personal information as you browse (useful for shopping, paying bills, and managing your personal accounts) and automatically detect and block potentially malicious websites.

Read more