
Web-Users Fall For Fake Anti-Virus Scams

CmdrTaco posted more than 3 years ago | from the i-use-magnum-xl-av dept.

Privacy 272

jhernik writes "Fearing their computers may be prone to viruses, many web-users download fake anti-virus software, only to find later that their bank details have been hacked. According to the latest research by GetSafeOnline.org, the UK's national internet security initiative, a rising number of organised criminal gangs are tricking security-conscious internet-users into purchasing anti-virus software to access their bank details. Posing as legitimate IT helpdesks, these fraudsters target internet users concerned about protecting their computers. By offering free virus checks, they normally tell consumers that their machines are infected and offer fake security software protection – usually costing around £30 – which is actually malicious software in disguise." The fact that there is such a thriving market for fake AV scams really says something about the present state of the legitimate AV market.


272 comments


PEBKAC (0)

piripiri (1476949) | more than 3 years ago | (#34231560)

Again. Next story please.

Re:PEBKAC (4, Insightful)

oldspewey (1303305) | more than 3 years ago | (#34231616)

Nerds of the world, it is time to unite around a new cause. It is time to write, and release, a new virus that relies on a series of incredibly stupid attack vectors - the kinds of attack vectors that only a clueless dipshit would actually fall for. The virus has only one simple payload: it uninstalls all network drivers on the machine.

After several trips to get their machine "repaired," these folks will either wise up, or give up.

Who wants to join the crusade?

Re:PEBKAC (4, Funny)

symbolset (646467) | more than 3 years ago | (#34231678)

Not only is there already such a virus, the PC usually comes with it preinstalled.

Re:PEBKAC (2, Insightful)

windcask (1795642) | more than 3 years ago | (#34231768)

The people who really worry me are not the clueless dipshits, but the 50+ crowd who have never really used computers before, and through newly-acquired secondhand knowledge, now know just enough to be dangerous. I think they're probably the ones mostly in danger of falling for these scams. We need to keep our parents and grandparents educated and tell them just because a page shows up first in their Google search doesn't mean it's necessarily what they're looking for.

Re:PEBKAC (0)

Anonymous Coward | more than 3 years ago | (#34231884)

Sounds to me like the definition of "clueless dipshit"

Re:PEBKAC (2, Interesting)

Tanktalus (794810) | more than 3 years ago | (#34231944)

This is the reason I clicked on the story at all. Just two weeks ago, my mother (59) called in a panic about over 300 viruses that some program found, and was about to click on the "run this executable" popup that IE gave her (my father won't let her run Firefox? Not that FF is likely to have stopped this*) when she thought to call someone. She tried to get a hold of my father, but he wasn't available, so she called me. I told her it was a scam, and to abort immediately. Not knowing really what else to do, I asked her to ensure her legitimate virus scanner was run that very night just to be sure. I think the trouble was averted, but only barely. It's an effective social hack. The question that makes it worth discussing is what, if anything, can we do technically to stop these hacks, and, in the meantime, what can we do socially to educate?

(*) I've seen the scam on Firefox, too, although that was years ago. FF may be blocking it since, I guess I don't know. But I found it funny because, of course, it looked like a bunch of Windows windows, which looked really out of place on my KDE/Linux desktop. And I knew that even if I did download it, it would be unlikely to be able to do anything (not that I did download it).

Re:PEBKAC (1)

windcask (1795642) | more than 3 years ago | (#34232044)

The question that makes it worth discussing is what, if anything, can we do technically to stop these hacks, and, in the meantime, what can we do socially to educate?

I think we need to show them we care by walking them through the tasks they perform day-to-day. For example, checking their email. Show them examples of what to watch out for and what file types can possibly contain viruses. For web searching, show them an example of an SEO bomb. If they have Facebook, show them examples of what to watch for in terms of malicious apps and such. And most of all...tell them to call us if they see something suspicious. And yes, though anti-virus is 99% smoke and mirrors, it's nice to have one last layer of defense in case they are tricked.

Oh, and tell them not to bank online. It's way too important to know what to look for, and if you don't, you have a much higher probability of getting owned. Nobody's going to click on their online banking notifications if they don't bank online in the first place.

Re:PEBKAC (1)

Yvan256 (722131) | more than 3 years ago | (#34231978)

And that's why the iPad is a wonderful device. Good enough to let people get on the Web, do email, instant messaging, some games. But it's not a regular computer where you can install new drivers, etc. The so-called "average users" are the target market.

Re:PEBKAC (1)

windcask (1795642) | more than 3 years ago | (#34232184)

Yes, for now it's good enough. But the exploits are already coming around for iOS and Android. I'm afraid given a year or two they'll be just as dangerous...and the clueless will become even more clueless as a result.

Re:PEBKAC (2, Interesting)

Bert64 (520050) | more than 3 years ago | (#34232144)

These people are not the problem, the idea of giving such people full access to a full blown computer connected to a public network and running a fully fledged os designed to make such things trivial is the problem...

You don't let people drive cars, fly aircraft or do various other things unless they have received proper training, and using a computer should be no different. Such users don't need a full blown computer, they need a simplified appliance that is controlled by someone else (who knows what they're doing)... This is part of the appeal of apple's walled garden.

My grandparents have a linux box, it runs the apps they want (browser, manage photos and videos, im client, email client, music and video player) and if they want anything else they can acquire it from the ubuntu repository... They can install apps from the repositories, but can't add new repositories or execute anything they might download by hand. I configured the system and provide support and maintenance if necessary, so far it hasn't been. If they received a notice telling them their machine had malware installed and asked them to input card details, the first thing they would do is call me.
For people without technically literate grandkids, there should be paid services like this.

Re:PEBKAC (1)

Petaris (771874) | more than 3 years ago | (#34232240)

Not looking to cause a flame war but the answer is a Mac. The security on it makes sense and most of this malware just won't run (because it's for Windows), and the stuff that could can't run by itself. You actually would have to install it and enter your password for it to work.

As someone who has switched their parents to a mac I can tell you that it's much easier to support as well. And they can call apple support and get helped through lots of issues.

For the trolls:
*Please note, I have indicated that macs are good for this purpose, I didn't say that it was the be all end all better than anything else solution. Above all I am not suggesting that you stop using whatever you are using.

Re:PEBKAC (1)

John Hasler (414242) | more than 3 years ago | (#34232278)

The over fifties have lived long enough to have at least some chance of having acquired some wisdom about trust and overconfidence. They also sometimes know a hell of a lot more than you give them credit for and are often willing to listen to reason. More dangerous are the twenty-something know-it-alls who are utterly confident of their own abilities because, after all, they "grew up in the digital age" (that is, they were taught how to misuse Excel in school and have had a cellphone since they were four).

Re:PEBKAC (1)

PTBarnum (233319) | more than 3 years ago | (#34231646)

So? Does the fact that the user made a mistake mean that this is not a problem worthy of attention? We need to find ways to make it easier to distinguish spyware that steals your personal information for criminal gangs from the legitimate software that steals your personal information for big businesses.

Re:PEBKAC (1)

Anrego (830717) | more than 3 years ago | (#34231736)

The problem with that is, all the ways to do this are probably _really_ bad.

I know! How about we designate microsoft, erm I mean some independent authority to decide what software is safe, and have some hardware built into all PC motherboards that verifies a piece of software has been signed before letting it run!

The _real_ problem with the trusted computing solution is that it sounds good.. which creates that deep seated fear that it might one day become a reality :(

Pre-emptive response to: "well.. it could be opt-in.. this would let people who want to run unsigned software like.. Linux.. do so at their own risk:"

It wouldn't be opt-in for long. Every justification from prevention of crime to prevention of spam would be used combined with a good amount of lobbying would eventually make it mandatory.

Re:PEBKAC (1)

Bert64 (520050) | more than 3 years ago | (#34232258)

It's a good idea, but only when combined with competition...

Putting everything in the hands of microsoft would be an absolutely terrible idea, but having multiple locked down devices catering to average users would be far better, and then you could still have other providers producing equipment for the geek niche market....

Look at android for a good example, the average consumer buys a locked down phone while people who understand and can take advantage of a rooted android device can either buy handsets like the nexus one or jump through hoops to unlock other devices. There are a whole host of devices available so you aren't forced to place your trust in a particular vendor.

Re:PEBKAC (1)

Lunoria (1496339) | more than 3 years ago | (#34231748)

So? Does the fact that the user made a mistake mean that this is not a problem worthy of attention? We need to find ways to make it easier to distinguish spyware that steals your personal information for criminal gangs from the legitimate software that steals your personal information for big businesses.

Simple. Make javascript illegal. That'll slow those criminals down.

Re:PEBKAC (1)

oldspewey (1303305) | more than 3 years ago | (#34231806)

When javascript is outlawed, only outlaws will use javascript.

Re:PEBKAC (1)

Brucelet (1857158) | more than 3 years ago | (#34231898)

When javascript is outlawed, it won't be running in your browser so the outlaws using it can't do anything.

Re:PEBKAC (1)

windcask (1795642) | more than 3 years ago | (#34231902)

I'm sorry, I think you're confusing teh interwebs with Chicago...

Re:PEBKAC (1)

piripiri (1476949) | more than 3 years ago | (#34231790)

It's the same old problem and the same solution which rise every time an issue like that appears. Someone will always be able to fool the users as long as their systems are insecure.

Re:PEBKAC (1)

adonoman (624929) | more than 3 years ago | (#34231990)

Someone will always be able to fool the users.

You're correct up to this point. Even with a mandatory hardware-based trusted computing platform, there will still be users out there being tricked into entering their banking details into a strange website (or even over the phone).

Re:PEBKAC (3, Insightful)

Bert64 (520050) | more than 3 years ago | (#34232212)

The walled garden approach (eg apple) works well for average users...
Linux distros with trusted repositories are a good idea too, the average user still receives the protection of getting all their software from a known trusted source while advanced users still have the flexibility available.

End users should not have root or equivalent access, they should only be able to install software from trusted sources and should defer to a third party (either someone they know, or a paid service etc) for anything more advanced.

Re:PEBKAC (5, Insightful)

EdZ (755139) | more than 3 years ago | (#34231692)

It's already pretty damn easy to identify fake AV software. Just follow this simple flowchart:

Is it advertised through a popup or an unsolicited email? > Yes > It's a scam!

Simple! This works for all products, not just fake AV.

Re:PEBKAC (1)

slim (1652) | more than 3 years ago | (#34231938)

I think my dad fell for something like this. As far as I can ascertain, he searched for Malwarebytes, and whatever page he got to, the most conspicuous "download" link was to the scam product. So really, I can't blame him for being fooled.

The software identified some issues, but said there were more, that it would charge him for removing. Some time later, he received a phone call about it. I don't know how they got his phone number, but we do have an unusual surname.

Re:PEBKAC (1)

Fallon (33975) | more than 3 years ago | (#34232156)

I completely agree.... However I get these from Symantec, McAfee and other "good" vendors. Not that this discounts your theory about it being a scam, it's just not a flat out 100% scam, only a partial scam.

Re:PEBKAC (1)

eviljolly (411836) | more than 3 years ago | (#34232024)

Agreed, this is not news for nerds; it's news for end users.

Re:PEBKAC (1)

eepok (545733) | more than 3 years ago | (#34232082)

Really? I thought the problem was the virus-writers and the scammers. "PEBKAC" here is blaming the victim who was innocent enough to trust.

Don't forget to blame the next car-jacking victim who pulls over to help out someone who, on the outside, seems to have broken down.

How is this news? (2)

gregthebunny (1502041) | more than 3 years ago | (#34231578)

Most computer users are simply naive; some are downright stupid. This should be tagged: !news.

Re:How is this news? (1, Insightful)

Anonymous Coward | more than 3 years ago | (#34231762)

Most people are fucking idiots.

Obviously not news.

Re:How is this news? (3, Insightful)

piripiri (1476949) | more than 3 years ago | (#34231818)

Most people are fucking idiots.

Not idiots, but ignorant. You can't blame them for that.

Re:How is this news? (1, Insightful)

Anonymous Coward | more than 3 years ago | (#34231922)

Not idiots, but ignorant. You can't blame them for that.

Why shouldn't they be blamed? Why do we insist on creating a dumber world where nobody is responsible for their own actions?

Re:How is this news? (1)

delinear (991444) | more than 3 years ago | (#34231954)

Yes, because it's impossible to educate yourself on any of this stuff. What we need is some kind of global information resource available to pretty much anyone, pretty much anywhere, that people could use to educate themselves. Seriously, you can't blame users for starting from a point of ignorance, but when they choose to remain in a state of ignorance then they're hardly blameless. People manage to learn how to drive largely without everyone killing themselves or each other the first time they get in a car. If it's possible for people to learn the dangers of that activity, how hard is it for people to similarly educate themselves (or have someone else educate them) on the dangers of the internet (sure it's not your life that's in jeopardy online, but it could well be your house, all your savings, your job, your credit-worthiness...)

Re:How is this news? (1)

Tarlus (1000874) | more than 3 years ago | (#34231802)

Yeah, it's not exactly news. For a couple of years I've been seeing pop-ups which try to mimic the XP "My Computer" Explorer window, warning of hundreds of viruses on each of the user's drives. Of course the whole thing is bogus but soon I find myself removing "AntiVirus XP 2011" or some crap like that from the computers of people who fell for it.

But, it is always funny if not a little confusing to see those popups while using Win7 or a non-Windows OS.

Re:How is this news? (0)

Anonymous Coward | more than 3 years ago | (#34231942)

Nuns are particularly trusting.

Re:How is this news? (1)

bonch (38532) | more than 3 years ago | (#34231964)

Just because users are often naive doesn't mean it's not news when there's a new wave of a specific type of malware, which allows Slashdot's technical readers to discuss Windows security, how to better educate users, the current state of the antivirus market, and so on. Lighten up a little, sheesh.

Re:How is this news? (1)

blair1q (305137) | more than 3 years ago | (#34232234)

It's science. It increases the number of significant figures in "most" from 0 ("0.5 to 1") to 2 ("24%") and reveals it not to be "most" but only 1 in 4.2 of those surveyed.

Refunds (0)

Anonymous Coward | more than 3 years ago | (#34231586)

If you would like a refund for any of the fake antivirus software you have already purchased, please send your bank account number, credit card number, pin number, email address, and password to ...

I would have put in a fake email address, but knowing my luck someone would fall for it.

Or... (2, Insightful)

ShadowRangerRIT (1301549) | more than 3 years ago | (#34231606)

The thriving market for fake AV scams simply means people are too cheap to pay full price for a commercial AV scanner, or too stupid to find a legit free one. Computers are appliances to 90% of the world's population, and no other appliance requires expensive upgrades to determine if it's being misused. Even without a car alarm, you'll notice if your car isn't where you parked it, but most infected computers don't advertise as such. People know they need an AV scanner, and hey, the computer just offered them one, "Score! No need to go shopping for one!" All viruses (that aren't autonomous worms) spread based on misplaced trust or greed, and getting a cheap AV scanner appeals to both instincts.

Re:Or... (1)

ByOhTek (1181381) | more than 3 years ago | (#34231636)

Or that they are unaware that they already have one, or that they just are too trusting when someone says it's failed. Given that the users are demonstrating a lack of knowledge about reliability about AV software, the latter says more about the user than the installed AV.

Re:Or... (1)

takowl (905807) | more than 3 years ago | (#34231670)

Even without a car alarm, you'll notice if your car isn't where you parked it

It won't do you much good, though. This is why an alarm is now standard in most, if not all, new cars. Microsoft seems to be moving in the same direction for Windows, with Security Essentials. I guess antitrust issues stop them from installing it by default, though.

Re:Or... (1)

Schadrach (1042952) | more than 3 years ago | (#34231718)

The funny part being that Security Essentials is actually pretty decent for a freely (as in gratis) distributed app. I actually wish MS put just a tiny bit of effort to push it in windows, so that those who are cheap would install it before they fall prey to the Antivirus XP BS.

Re:Or... (1)

brainboyz (114458) | more than 3 years ago | (#34231904)

They did and they got backlash from the anti-monopoly community and other AV vendors for "repeating the IE mistake" with AV.

Re:Or... (1)

KarmaMB84 (743001) | more than 3 years ago | (#34231738)

If ads on legitimate sites weren't offering up these kinds of "tools", I'd be more inclined to agree the users that get infected are somehow stupid. I remember having my antivirus going off on a regular basis when browsing completely legit sites because an ad embedded in it was attempting an exploit.

Free isn't Easy (2, Insightful)

cheesethegreat (132893) | more than 3 years ago | (#34231914)

To be fair, it's not exactly easy to find a legit free AV programme. Downloading my poison of choice, AVG, for example, requires you to navigate through the website, locate the tiny "free version" link on a series of pages, and wind through and around a whole lot of annoying screens designed to baffle/frustrate/bully you into buying a pay version.

And worse, you then have to go through this whole process again every six months when they release a new version that isn't covered by the auto updater.

I definitely consider the behaviour of companies like AVG to be partially responsible for people getting confused, frustrated, and resorting to less legitimate means.

Re:Free isn't Easy (0)

Anonymous Coward | more than 3 years ago | (#34232176)

Who the hell still uses AVG, they're just as bad as the big names now. Check out Avast

What planet has the submitter been living on? (2, Insightful)

timestride (1660061) | more than 3 years ago | (#34231622)

Seriously. This has been going on for YEARS. Why is this being posted here?

Re:What planet has the submitter been living on? (3, Informative)

ByOhTek (1181381) | more than 3 years ago | (#34231668)

There was a huge news rush several years back. Slashdot is just trying to catch up.

Re:What planet has the submitter been living on? (2)

Frosty Piss (770223) | more than 3 years ago | (#34231976)

Seriously. This has been going on for YEARS. Why is this being posted here?

Because eWeek wanted to shill a "story" here to get page views?

Ugh (1)

bonch (38532) | more than 3 years ago | (#34231626)

I've had to clear a few of these off co-workers' machines this year. Running Windows 7 with the latest security patches and legitimate protection software installed, and people still get infected with this crap, so it's the users installing it and not just holes in the system being exploited. The last one I removed actually replaced the Windows shell on startup with itself, disabling web browsers, regedit, and other key system software. I felt like going on a shooting spree.

Re:Ugh (1)

tverbeek (457094) | more than 3 years ago | (#34231792)

Is it too late to require people to learn how to use these devices properly before they're sent zooming along the information superhighway?

Re:Ugh (1)

bonch (38532) | more than 3 years ago | (#34232036)

I don't blame them at all for installing the malware. In the case of the last cleanup I did, a web page apparently displayed a window that was made to resemble a Windows security alert. I think the solution is better computing environments, such as iOS, leaving the technical environment of a desktop PC to technical individuals who require it. Why should someone run Windows if all they do is word processing or web browsing? As Steve Jobs put it, today's PC environment will eventually be like pickup trucks. Not everyone will have one, but those who do will have specific needs that demand one.

Nobody here is a better person than anyone else just for knowing how computers work. I'm sure you wouldn't enjoy taking your car into a shop and overhearing the mechanics mocking you for not understanding some complex aspect of your automobile's combustion process.

Re:Ugh (1)

delinear (991444) | more than 3 years ago | (#34232252)

Only when it hits them financially - maybe if banks offered better rates or incentives to people who had passed some kind of basic internet competency exam, we'd see people making the effort to educate themselves (or lots of people falling for fake competency exam scams).

Re:Ugh (3, Interesting)

gad_zuki! (70830) | more than 3 years ago | (#34232054)

>so it's the users installing it and not just holes in the system being exploited.

Are you sure about that? The analysis of various crimepack stats posted by Brian Krebs [krebsonsecurity.com] shows that the vector for these infections is usually (in order) Java, Adobe Reader, Flash, and browser exploits. So let's assume you patched these machines using Windows Update. That means you patched any known browser exploits, but the malware writer can still try various Java, Reader, and Flash exploits.

I think the real issue currently is how poorly these app updaters are written. Reader may never ask to do an update unless you manually start it once to install the current version of Adobe Updater. Java, depending on the version, either sits quietly in the tray asking for an update or never bothers. Flash asks at startup sometimes, but it may only update IE, but not Firefox.

For end users who have no clue, which is most of them, these apps should just be set to auto-update without asking. Admins and power users can edit this as needs be. In the meantime, it's pretty trivial to infect a machine. Almost no one makes an effort to patch these apps.

I don't believe the problem is PEBCAK as we like to think. Browser plugs are a serious issue. They're just not being updated.

cue /. superiority complex... (4, Insightful)

kj_kabaje (1241696) | more than 3 years ago | (#34231628)

cue /. superiority complex... Seriously, rather than tag as !news or PEBKAC, how about some intelligent discussion about either educating the general public or another more intelligent solution?

Re:cue /. superiority complex... (2, Interesting)

Monkeedude1212 (1560403) | more than 3 years ago | (#34231846)

how about some intelligent discussion about either educating the general public or another more intelligent solution?

We did that about 10 years ago when this story was fresh.

We've been doing that for the past 10 years. And we've decided that PEBKAC.

My idea of an intelligent solution is an infectious antivirus - spreads like other viruses do, via email, poisoned URLS, phishing, etc etc - use all the vulnerable vectors you can to spread an antivirus. It goes and tries to remove any viruses it can find and occasionally calls back to some central server for an updated list on new threats and how to combat them.

Not a perfect solution, but I think we need to start fighting fire with fire.

Re:cue /. superiority complex... (1)

takowl (905807) | more than 3 years ago | (#34232006)

Plus patching any known security holes? Interesting idea. I think the trouble is funding/motivation: both virus and antivirus writers usually do it for profit, and it would take time and effort to keep it up to date. Since it would be, at best, dubiously legal, it probably couldn't be sponsored by any company, so it would have to be a guerilla effort. And the people who could write it mostly wouldn't benefit (except perhaps that they'd spend less time cleaning their families' computers...).

Re:cue /. superiority complex... (0, Flamebait)

bonch (38532) | more than 3 years ago | (#34232098)

We did that about 10 years ago when this story was fresh.

Oh, shit, we talked about it on Slashdot 10 years ago? Well, that settles it, there's simply no excuse for the public not reading Slashdot 10 years ago. Stupid people!

Re:cue /. superiority complex... (1)

Tarlus (1000874) | more than 3 years ago | (#34231886)

cue /. superiority complex...

Wait, I know this one! *Ahem*...

Pffft. I never have to deal with these sorts of things on my Mac/Linux/BSD computer!

Did I do it right?

Re:cue /. superiority complex... (1)

Sockatume (732728) | more than 3 years ago | (#34231896)

I read an argument recently (maybe on Language Log of all places) that this was an example of intelligence being a disadvantage. Having a general awareness of the threats represented by viruses is a requisite for vulnerability to the scam, while someone completely ignorant of computer threats wouldn't be susceptible. Sort of the scam-art equivalent of the uncanny valley.

Re:cue /. superiority complex... (1)

Anrego (830717) | more than 3 years ago | (#34232056)

Dunno if I agree with that argument.

Most scams are pretty good about educating you on the product .. it's part of the scar tactic:

There may be a VIRUS on your computer.. RIGHT NOW!

A VIRUS can DELETE YOUR WORK or STEAL YOUR PRIVATE INFORMATION!

Here.. let me check if you have any..

Yup.. found a whole bunch... the following files are currently infected AT THIS MOMENT:

C:\My Documents\
C:\System\
C:\Windows\

Don't worry though.. download MakeThisGoAwaySoICanGetBackToFarmville.exe to fix the problem. You'll probably see this security warning:

[image of the dialog that is supposed to warn the user of stuff like this]

Just click "run" and we'll fix things right up for you!

Re:cue /. superiority complex... (1)

Anrego (830717) | more than 3 years ago | (#34232102)

Wow.. that's some bad typo action, even for me!

* Most scams are pretty good about educating you on the threat.. it's part of the scare tactic:

That's funny. But not true. (1)

professorguy (1108737) | more than 3 years ago | (#34232272)

Having a general awareness of the threats represented by viruses is a requisite for vulnerability to the scam, while someone completely ignorant of computer threats wouldn't be susceptible.

The pop up comes up and the completely ignorant doesn't click on "Install" because he doesn't have an awareness of the threat, so he clicks on "No thanks." Too bad that ALSO INFECTS HIS MACHINE.

The ones I've seen install on any client click. Only hard powering (hold the power button for 10 seconds) will prevent infection at this point, so the completely ignorant are NOT going to be safe.

Re:cue /. superiority complex... (0)

Anonymous Coward | more than 3 years ago | (#34232018)

Superiority complex? How about people refusing to learn from the last time, and the time before that, and the one before that, and before that, and the last 18 before that, and the 55 before that?

We had PC viruses spreading in the days of 5 1/4" floppies. We've had online viruses for 15 or 20 years now. This is not a NEW thing. If people, by 2010, haven't figured out that it's a bad idea to run random shit, then yes, they deserve what they get. It's time to stop trying to help them. They have NO desire to help themselves.

I know; I have tried. Really I have. Repeatedly. I've disinfected people's machines, tried to explain to them what they did and how to avoid getting infected the next time. The eyes glaze over when I explain in simple layman terms how they got infected, and in two weeks they are back in the same boat. I'm done trying to help people who refuse to help themselves. It's called "enabling behaviour" in psychological circles: when someone acts in a self-destructive way and you go clean up after their mess every time. It just lets them avoid accepting that they have a problem *THEY* need to fix.

It's 2010, folks. Malware is not some surprising new thing that nobody ever heard of.

Another more intelligent solution? (1)

Alwin Henseler (640539) | more than 3 years ago | (#34232132)

(..) how about some intelligent discussion about either educating the general public or another more intelligent solution?

History has shown that educating the public has little effect, if any. Therefore I conclude that if at any time a regular user has to make a decision about whether some software can be trusted, the method is flawed. Regardless of whether user would make the right choice or not. If a trust issue can't be decided automatically, software should be regarded as harmful & unsafe to run, period.

So any intelligent solution should focus on reliable ways to tell apart software from trusted sources (for example by using a community-maintained list of trusted vendors, and cryptography to verify a download is genuine from one in that list), and limiting what software (trusted & untrusted) can do. Like: by default, very, very limited access rights to things like networking, persistent storage or user data, unless given more rights by administrator. For anyone that says it would cause too many warnings etc: can you explain why random game / app / desktop widget that a user runs, would need access to all user files? No idea? Yet strangely that's normally the case - sounds like a design error to me. Another example: when user selects a file to open, there's nothing stopping an app from discarding that selection & opening some other file instead (or open 2nd file behind user's back). Another design error, if you ask me - if there's an open file dialog, the app's file access should automatically be limited (by the OS) to the user-selected file. There's many more examples like this.
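
The design described in the comment above (a list of trusted sources, automatic refusal when trust cannot be decided, minimal rights unless an administrator grants more), sketched as an added example that is not part of the original comment. SHA-256 digest pinning stands in for signature verification here, and the vendor names, right names and sample files are constructed for illustration.

```python
"""Default-deny launch decision against a list of trusted releases (added example)."""
import hashlib
from dataclasses import dataclass
from typing import Optional

# Rights any trusted program gets without an administrator's approval.
# The right names are hypothetical, chosen for this example.
DEFAULT_RIGHTS = frozenset({"own_data_dir"})


@dataclass(frozen=True)
class TrustEntry:
    vendor: str
    sha256: str                             # pinned digest of one released file
    admin_granted: frozenset = frozenset()  # extra rights an administrator approved


@dataclass(frozen=True)
class Decision:
    run: bool
    vendor: Optional[str]
    rights: frozenset   # rights the program actually receives
    denied: frozenset   # rights it asked for and did not get
    reason: str


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def decide(data: bytes, requested, trust_list) -> Decision:
    """Decide without asking the user: unknown software never runs."""
    requested = frozenset(requested)
    digest = sha256_hex(data)
    entry = next((e for e in trust_list if e.sha256 == digest), None)
    if entry is None:
        # Trust could not be decided automatically, so the answer is no.
        # Whatever name the file displays to the user plays no part in this.
        return Decision(False, None, frozenset(), requested, "not on trust list")
    allowed = DEFAULT_RIGHTS | entry.admin_granted
    return Decision(True, entry.vendor, requested & allowed,
                    requested - allowed, "digest matches a trusted release")


# Constructed sample files; real entries would come from the maintained list.
WIDGET = b"constructed sample: desktop widget v1.0"
PHOTO_APP = b"constructed sample: photo manager v2.3"
FAKE_AV = b"constructed sample: 'antivirus' installer offered by a pop-up"

TRUST_LIST = [
    TrustEntry("Example Widgets", sha256_hex(WIDGET)),
    # An administrator approved access to user files for the photo manager.
    TrustEntry("Example Photo", sha256_hex(PHOTO_APP), frozenset({"user_files"})),
]

if __name__ == "__main__":
    cases = [
        ("widget", WIDGET, {"own_data_dir", "user_files", "network"}),
        ("photo app", PHOTO_APP, {"own_data_dir", "user_files"}),
        ("fake AV", FAKE_AV, {"network", "user_files"}),
        ("tampered widget", WIDGET + b"\x00", {"own_data_dir"}),
    ]
    for name, blob, wants in cases:
        d = decide(blob, wants, TRUST_LIST)
        print(f"{name:16} run={d.run!s:5} rights={sorted(d.rights)} "
              f"denied={sorted(d.denied)} ({d.reason})")
```
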

Re:cue /. superiority complex... (1)

Sir_Sri (199544) | more than 3 years ago | (#34232254)

How about just letting MS put security essentials onto your computer as part of regular windows updates? You could even set it up to remove fake antivirus products automatically. And if it accidentally breaks a legitimate one, at least you have MSE on there, which may (or may not) be as good as whatever it removed but it's better than millions of people with fake AV's.

Or how about a walled garden security store in windows? If you want access you have to be approved for the national app store by the government (not MS), but then your software has to be both legitimate, and actually show up, you get the benefit of exposure and the consumer gets the benefit of legitimacy and working updates. The EU basically showed us how to do this with web browsers, security software is just as important, and if you do it pre-emptively you can avoid anti trust issues. To some degree this goes to the whole idea of security certificates, since you shouldn't be able to install an AV without a valid security certificate, assuming they can keep said certificates clean.

For all of the many (many) things wrong with microsoft, good security rules should acknowledge they happen to be in the majority right now, and we have to deal with the problems on their platform in the most consumer friendly and secure way possible. If that means that some boutique AV vendors get screwed, that's still preferable to the constant parade of broken norton installs and fake av programs out there.

Personally I have both avast and MSE. Avast messes with Opera a bit, but otherwise I'm quite happy with it. But MSE seems a bit better at catching stuff it doesn't.

really? (1)

ace418 (1011823) | more than 3 years ago | (#34231630)

If "security-conscious internet-users" are falling for this, are they really security-conscious? For quite a few years now, Geek Squad's (and any other pc repair company) prime customers are people who fall for these types of scams. This is nothing new, except to the writer of this article.

Exploitation of fear.. who'd a thunk? (1)

countertrolling (1585477) | more than 3 years ago | (#34231648)

Fake AV scams say a lot more about the present state of the market economy and human psychology in general. Attempted fraud is an essential if you desire infinite growth through consumer debt. A game of cat and mouse, like many things in nature.

Re:Exploitation of fear.. who'd a thunk? (1)

bonch (38532) | more than 3 years ago | (#34232150)

It also says a lot about the security design of the operating system. Many of the scareware programs mimic Windows security alerts, so users who believe they are being security-minded by going along with the prompts are actually infecting themselves.

It's a pavlovian response (3, Insightful)

Flipao (903929) | more than 3 years ago | (#34231662)

You gotta give it to companies like McAfee, Symantec, etc... they know how to scare people into handing over money so they are "protected". It was only a matter of time before people started to copy their methods.

Re:It's a pavlovian response (1)

Lunoria (1496339) | more than 3 years ago | (#34231722)

Not really. Most people know they need an Anti-virus scanner, so if a website tells them they can download one for a small fee, they will. It's no different with auto repair shops. If people don't know enough about the subject, they are usually ripped off. The AV scams are simply harder to stop, because most of them aren't local.

Re:It's a pavlovian response (1)

Flipao (903929) | more than 3 years ago | (#34231974)

Most people have been led to believe they need an Anti-virus scanner

Fixed that for you.

so if a website tells them they can download one for a small fee, they will.

There's a difference between telling someone they can download an anti-virus scanner for a small fee and throwing an ominous looking pop up window saying something along the lines of "YOUR COMPUTER IS ABOUT TO GET INFECTED AND SOMEONE WILL STEAL YOUR BANK DETAILS YOU SHOULD PURCHASE OUR ANTI-VIRUS NOW OR ELSE".

Here is a good example [thetechherald.com]

Re:It's a pavlovian response (1)

Sockatume (732728) | more than 3 years ago | (#34231960)

The scam isn't merely getting them to pay for un-needed antivirus software, it's installing a trojan which enables them to grab people's bank details.

there is no technical fix for stupid. (1, Insightful)

Anonymous Coward | more than 3 years ago | (#34231666)

At the end of the day, the computer obeys what you tell it to do. If you tell it to do stupid shit, it's going to do stupid shit.

The fix for this problem is not technical, it is social.

Re:there is no technical fix for stupid. (1)

Lumpy (12016) | more than 3 years ago | (#34231794)

100% correct.

I solved it with relatives. They are given an ultimatum.

"You use this OS or follow my list of requirements or you are on your own."

The relatives that follow my demands have a great time. The ones that don't, cry for help at holidays, but refuse to change their ways so I do not help.

"Sorry Grandma, you won't stop downloading warez and clicking on every link you find posted on 4chan... You are on your own. Stop calling me a Tool grandma...I'm not going to help."

Re:there is no technical fix for stupid. (0)

Anonymous Coward | more than 3 years ago | (#34231934)

Your parents must be proud.

Re:there is no technical fix for stupid. (1)

tverbeek (457094) | more than 3 years ago | (#34231804)

Mod parent up.

So, uh... (2, Insightful)

Anrego (830717) | more than 3 years ago | (#34231676)

This article really was an eye opener!

Who would have thought that a large percentage of windows users are not technically inclined and easily tricked by scary looking windows!

Rumour has it that scissors can be fairly sharp, and fire is damn hot sometimes.

Also.. _really_ old news. This scam has been around for at least a decade. It followed closely on the success of the "YOU HAVE ONE URGENT MESSAGE" banner ad.

Re:So, uh... (1)

Sockatume (732728) | more than 3 years ago | (#34231970)

I think the cold-calling aspect is relatively new, no?

Re:So, uh... / Believe it or not... (1)

RFSSystems (1836080) | more than 3 years ago | (#34232164)

Those fuckers are getting REALLY crafty! Case in point... As a software developer and PC repair tech, I've seen a lot of BS from both ends of the spectrum but nothing prepared me for a "virus" that was found on a buddy's PC a few weeks ago. We were sitting around coding our Quake III mod and the small "update shield" popped up in the taskbar. The bubble popped up and said that updates were available and he needed to install them... so he did. Bad choice, my friend! A few minutes later an "Avast" bubble pops up and says that a threat has been detected. He clicked the button to stop and within a few seconds, the PC shut down. Once he managed to reboot, there were at least 10-15 Firefox windows open (ads), numerous [fake] Avast bubbles, another update shield and a shitload of warnings and error messages. He got duped. They're getting good! Thank god I run Linux for nearly everything these days!

Crazy (1)

falldeaf (968657) | more than 3 years ago | (#34231704)

Windows malware is getting insane... I don't run as admin *ever* and I don't use IE so I keep pretty clean but some *really* nasty stuff has gotten through. People love to say PEBKAC and all but with some of these programs, I wouldn't be surprised if a seasoned computer person got fooled let alone a casual user. The last one I had faked a freaking bluescreen pretty convincingly, even...

P.T. Barnum said it best... (1)

Lumpy (12016) | more than 3 years ago | (#34231740)

“There's a sucker born every minute”

Sorry, but this will NEVER go away. It's not new, it's been around for 80,000 years.

A news flash that people are easily suckered is not news to anyone.

Nothing new but certainly worth bringing up (0)

Anonymous Coward | more than 3 years ago | (#34231754)

I work at a small computer shop and killing these things is at least 75% of the work I do. They are everywhere. Norton and McAfee have done a fine job of making people believe that their antivirus will make them invincible and that they should believe anything that pops up on their screen talking about viruses. It's like saying "OK!" to a guy that pops out of a bush and says "OMG you have swine flu! Quick, swallow this pill!"

AV companies scare their customers (5, Insightful)

benjfowler (239527) | more than 3 years ago | (#34231760)

Colour me surprised.

I recently had to install Windows 7 at home, and decided to put Norton AV on my machine. I boot up on Windows roughly once every couple of weeks to run a specific application. So I notice Norton AV popping up loads of windows, running its intrusive update process about bombarding me with scary looking crap prompting me to read about the "latest security threats from cyber-criminals". Hair-raising stuff, especially if you're not a computer specialist.

I'm an IT professional, and _I_ find this behaviour sleazy, unethical, annoying and slightly alarming. This is a product I paid GOOD MONEY FOR. I'm PAYING to be bullied, essentially.

So I can just imagine the average user being bullied and terrified by this crap... which is not only enriching the AV vendors, but also making regular folk like lambs to the slaughter for the forces of evil out there.

I'd say that the consumer, criminals and the AV companies are really inhabitants of one ecosystem: prey, parasites and predators respectively.

Re:AV companies scare their customers (1)

Rude Turnip (49495) | more than 3 years ago | (#34231950)

I've been loving Microsoft Security Essentials for about a year now, after AVG started getting Norton-esque. It's the first AV program since AVG 7.x to actually be lightweight and out of the way.
Do not get me started on McAfee sucking down the runtime on my work laptop...

Re:AV companies scare their customers (1)

vlm (69642) | more than 3 years ago | (#34231992)

This is a product I paid GOOD MONEY FOR. I'm PAYING to be bullied, essentially.

They're stealing the patented business model from the airlines!

Re:AV companies scare their customers (1)

spyingwind (961097) | more than 3 years ago | (#34232186)

Tan("Where I work, 4 man IT shop w/ 50+ users, we have Norton SAV installed on every PC. Server pushes updates. Users never see the update screen. Now that's the enterprise version, clean, not too clunky. Now just take the same software for a single home user. What do you get? crap... What happened to the good old days of a non-colorful gui? I never had installed an antivirus up until M$ update popped up an optional update with SE's. It does a decent job. I had to exclude some of my tools from its "bad hacking tools" list. I won't touch another XP machine again");

Re:AV companies scare their customers (0)

Anonymous Coward | more than 3 years ago | (#34232268)

Colour me surprised.

I boot up on Windows roughly once every couple of weeks to run a specific application. So I notice Norton AV popping up loads of windows, running its intrusive update process about bombarding me with scary looking crap prompting me to read about the "latest security threats from cyber-criminals".

I'm not sure what version of Norton it is you're using, but 2010 and 2011 update silently in the background without alerting the user. The only pop-up I can think of is the 'Monthly Report' thing, but you can turn that off in Norton's settings.

Re:AV companies scare their customers (0)

Anonymous Coward | more than 3 years ago | (#34232284)

Anti virus companies like Symantec aren't marketing Norton for IT professionals, techies or the majority of slashdot readers. They are designing a product for people that know nothing about computers, and it's simply because that is the majority of their customers.

Imagine how many phone calls Symantec support gets with customers asking why they got a virus on their machine when they have paid Symantec $40 a year for a product that was supposed to "protect them?"

You can't fix stupid, but you can try to mitigate it as best as possible.

Re:AV companies scare their customers (0)

Anonymous Coward | more than 3 years ago | (#34232290)

I know people that were so scared by norton FUD that they actually went on the internet and manually downloaded 2 or 3 other fake AV products so they were 'more secure'. I had to contact norton in these cases to save their subscription and in EVERY CASE they said 'see? you need more protection', as if it was policy.

...from the trenches (1)

neogramps (1432089) | more than 3 years ago | (#34231812)

From what I can see, working at a helpdesk with a userbase of ~30000, these are on the rise again, and in the last 2 months, I've had several infections which failed to be picked up by MSE, Avast, Spybot and Sophos. This year I've had at least 1-3 infected machines a day, 5 days a week, and 90% have been the fake-av variety. They are also getting more sophisticated recently, doing more and more damage, creating local proxies, adding in rootkits, hiding in system files (instead of user profiles). So while fake-av's are old news, they are the malware of choice at the moment, and their visibility means a larger number are detected (unlike traditional malware, which Jo Bloggs fails to notice)

They Pay? (1)

BradleyUffner (103496) | more than 3 years ago | (#34231820)

I love the fact that they actually get the people to PAY to infect their own computer. That's simply brilliant.

Re:They Pay? (2, Insightful)

John Hasler (414242) | more than 3 years ago | (#34231878)

That's because these consumers know better than to trust anything free. "You get what you pay for", right?

Re:They Pay? (1)

arkane1234 (457605) | more than 3 years ago | (#34232232)

You have to be saying this tongue-in-cheek...

They're phoning us to tell us we have a virus (1, Interesting)

Anonymous Coward | more than 3 years ago | (#34231868)

... about 4 times in the last month, someone calls us (UK) from an international number saying the computer has a virus.

The summary doesn't give much weight to it, but that's the newer news here, that there are call centres set up just to do this...

"Web-Users Fall..." (2, Funny)

Call Me Black Cloud (616282) | more than 3 years ago | (#34232000)


This is why I use gopher.

Windows users fall for fake Anti-Virus scams (0)

Anonymous Coward | more than 3 years ago | (#34232030)

There, corrected the typos .. :)

Microsoft Security Essentials (1)

BudAaron (1231468) | more than 3 years ago | (#34232158)

That's one more reason I love Microsoft... They provide me with FREE antivirus software from a trusted source!

well... (0)

Anonymous Coward | more than 3 years ago | (#34232178)

Personally I always advise against any kind of spyware or adware protection. The key is twofold: 1. Don't download anything malicious. 2. Keep programs that interface with the outside world (such as your browser) up to date. If you follow those two things then you can't get adware or spyware.

Also, most spyware/adware protection I see tremendously slows down the computer systems they are loaded on. In addition they are simply not effective because if you execute a malicious program then it can get control no matter what protection you use...

If you want to try out a program and you aren't sure about it then use a virtual machine and just run it in that sandbox until you are sure about it. I find virtual machines useful for doing that especially if it is for programs you will seldom use.

Oh wait this is slashdot.

My Mom fell for one of these, but on a Mac (1)

sjonke (457707) | more than 3 years ago | (#34232204)

However, she is on a Mac, so I *presume* she is safe, except for her credit card number, which she did enter in order to buy the software. I told her to cancel her credit card and she did that and they issued her a new one. It is correct that she has no worries from the downloaded software, right? These things are always Windows-only, right? Just want to make absolutely sure. Or is there some way for them to hack her account given that she provided a credit card, and probably address and such?

This is news how? (1)

Just Brew It! (636086) | more than 3 years ago | (#34232256)

Fake AV has been around for a long time. My father fell for one of those "your system is infected" ads 5+ years ago, and I had to spend an afternoon cleaning out the crapware he bought and installed when he clicked through. Fortunately all he was out was the $40 or so for the "product"; we scanned his system with some real AV and anti-malware/spyware products to remove all the junk that piggybacked its way in, and nothing more ever came of it.