One of the largest computer security companies, Symantec, released a stunning report yesterday on the prevalence of rogue security software. The study reveals that from July 1, 2008, to June 30, 2009, Symantec received reports of 43 million rogue security software installation attempts from 250 distinct rogue applications. This is a huge number and what makes it even more incredible is that it only counts the owners of Symantec's popular line of Norton security software—the actual number of attempts across all computers is probably in the hundreds of millions.
What is Rogue Software and Why is it Bad?
Rogue security applications masquerade as real virus or spyware-protection programs for the sole purpose of separating you from your money. At best, the programs do nothing; you simply lose however much money you paid for what is, essentially, worthless junk. At worst, these programs can track your keystrokes and steal your personal information from your PC.
Oh, and don't forget that when you bought the software online you voluntarily gave your credit card information to some criminal gang in Belarus, Romania or, yes, even Texas.
How Does Rogue Software get Installed?
Perpetrators of rogue security software scams use a wide variety of methods to fool potential victims. One very common method is to pop up a flashing or other seemingly scary message when you visit a website that tells you "Your PC is infected with a virus. Click here to fix".
If you click on the ad, you may be authorizing it to download the malicious software to your computer and, once installed, you will keep getting messages about viruses, spyware, etc. on your PC that can only by fixed by buying the "premium" version of the product. Of course, there are no viruses on your PC except for the rogue security program itself.
Many of these rogue programs have legitimate sounding names to fool potential victims, and may even use pop-up windows that look nearly identical to those found in real antivirus programs or Microsoft Windows. Don't be fooled. The Top 10 Rogue Security Applications, according to Symantec:
Spyware Guard 2008
AntiVirus 2008
AntiVirus 2009
Spyware Secure
XPAntivirus
WinFixer
SafeStrip
Error Repair
Internet Antivirus
DriveCleaner
And don't assume that because you are on a respectable website, the message is truthful. Even the New York Times was recently affected by scam security software ads appearing on their site. A good rule of thumb is to always assume that these ads are bogus and never, ever click on them. This includes any ads you get through email or links to a "great, free antivirus program!" you come across in website forums.
This video from Symantec shows real examples of rogue applications and clearly demonstrates how easy it is to be fooled if you're not aware of the risks.
How do I Know if I Have Rogue Software Installed?
Everyone should have up-to-date Internet security software from a respectable company such as Symantec (Norton), McAfee, Trend Micro, Avast or Microsoft. And, if you do, you should be protected.
However, if you're experiencing frequent pop-up messages from a program other than from a respectable company warning about viruses or spyware, a rogue application may have gotten through. Try to identify the name of the program from the message and then check the Symantec or McAfee site for removal directions. If you need additional help, see Find Online Tech Support for your Computer. Whatever you do, don't follow any links to download updates to the rogue program.
If you don't have security software running, you should purchase it as soon as possible. It should go without saying, at this point, but only buy software from a known manufacturer and only through the company's website (see list below) or a known reseller, such as Best Buy or Amazon.
Anytime you find a rogue programs installed on your PC, or if you have provided your credit card data to a rogue website, you should assume the worst. Read Seven Ways to Protect Yourself from Cyber Criminals for information on how to protect yourself from identity theft.
I Have a Mac. Does this Affect Me?
The vast majority of these rogue programs have been written for Microsoft Windows-based PCs. Symantec did identify at least two programs, however, that were targeted at Mac owners. And, whether you own a Mac or Windows PC makes no difference if you have been tricked into providing credit card information to a bogus site because of a threatening pop-up ad.
Need More Help?
We know this is a confusing topic, which is why it is so easy for so many to get fooled. If you have questions or concerns, please ask in the comments below or in our Computers and Software forum and we will provide guidance.
From veetech1 on October 21, 2009 :: 11:27 pm
Okay, I’m upset because I may have a rogue program installed that interestingly was suppose to give me a rebate back on the cost to pay for it. Anyone know about Stopzilla? If this is rogue, what can I do because I know I probably have other infections since my computer practically shut down until I downloaded something for antispyware…it was terrible…like in safe mode. this is perhaps the most frustrating thing I deal with in PCs (I have a MAC too never have a problem with this) so this article will be very helpful to me
Reply