How to spot a wolf in sheep’s clothing

One of the biggest threats companies are facing these days are fake anti-virus programs, applications that sport professional looking graphical user interfaces, but are in fact malware. LUTX BLAESER of Inact Security advises on how to spot these programs.

One of the biggest security threats plaguing companies and individuals these days has taken the guise of something that is supposed to provide users with protection. Like the proverbial wolf in sheep’s clothing, a fake anti-virus program usually sports a professional-looking graphical user interface, making it look like legitimate anti-virus software.

But it in reality, it is a piece of malware. It will normally show up when you are innocently surfing the web, going about your usual business. It often takes the form of an official looking box claiming to be from Windows that pops up on your screen, alerting you that your system has been infected with a lot of viruses and then it will helpfully offer to assist you in cleaning your computer.

Since a message like that is enough to whip most people into an immediate panic, they will usually accept that offer of help without any hesitation. That is why this rogue software is also known as scareware, because it exploits the fear computer users have of viruses, literally scaring them into downloading it. When you do, it launches its interface and pretends to begin ‘scanning’ your computer, after which it will tell you that your system is infested with malicious software. Then it wants payment to ‘clean’ you system for you, demanding your credit card information.

Once users provide that, their money is stolen and, as if that isn’t bad enough already, they often also become the victims of identity theft. In some instances, and to add further insult to injury, the fake anti-virus software even loads real malware onto your machine which can log your keystrokes and steal passwords and other information from your computer.

The fake anti-virus could also render your machine unusable. Victims would often not be able to close the flurry of pop-up windows, and even after restarting, it will still continue to tell you that you’ve been infected.

There are various steps computer users can take to protect themselves. Firstly, you should protect your system by buying legitimate anti-virus software from a recognised and trusted brand. Then you should use it to run regular scans and pay attention to see what it looks like. You should also ensure that your third party plug-ins are always up to date, because they are not automatically updated during the normally scheduled Windows or automatic software updates and could be vulnerable to viruses if not up to date. Bad guys know that most people make use of third party plug-ins to view animated media and to work, and that these plug-ins aren’t always secure, which is why they use it as a port of entry to your computer.

If you do encounter a pop-up window warning you of an infection and offering to run a scan, realise that it is a scam. Do NOT click on it. Just restart your computer.

It is estimated that about half a million people fall victim to such fake anti-virus scams each day! It is big business and the hackers are becoming so clever and changing the malware configuration with such speed, that the legitimate anti-virus software manufacturers can scarcely keep up. So above all, trust your own instinct. If something appears suspicious, refrain from clicking on it.

* Follow Gadget on Twitter on @GadgetZA

 email this to a friend
 printer friendly version