watch One-Minute World News

News Front Page
Africa
Americas
Asia-Pacific
Europe
Middle East
South Asia
UK
Business
Health
Science & Environment
Technology
Entertainment
Also in the news
-----------------
Video and Audio
-----------------
Programmes
Have Your Say
In Pictures
Country Profiles
Special Reports

Related BBC sites
Page last updated at 09:06 GMT, Wednesday, 25 February 2009
E-mail this to a friend Printable version

Experts sound scam threat warning

Antivirus 2010 fake system scan
Fake software, fake scan but the cost is real enough.

Experts are warning of an increase in the number of fake anti-virus websites.

Hackers are tricking people with a false warning, saying that the computer is infected with a Trojan and getting users to buy a fake anti-virus product.

A number of sites were closed last year when authorities in the US took action to stop sellers of "scareware".

But despite the closures, the number of sites continues to grow, with one expert saying it was "the biggest threat facing computer users today".

Matthew Woolley, chairman of the Independent Trade Association of Computer Specialists, which represents independent computer retail and repair shops across Britain, said hackers were playing on people's fear.

At the moment the bad guys are winning
Tim Danton
PC Pro magazine

"At my repair shop in Lincoln alone, we've had more than 300 users in the past six months come in with a computer infected with fake anti-virus software.

"This week, we've seen fake AVG anti-virus that was so good, one of my engineers was convinced that it was the real thing," said Mr Woolley.

"If we can't tell, what hope is there for Joe Public?"

Hackers have been employing more sophisticated tricks to dupe users into buying their fake software.

In early February, 2009, hackers put fake parking tickets on cars with a URL directing them to "view pictures with information about your parking preferences" that in reality downloaded a Trojan that then prompted the user to install fake anti-virus software.

And last weekend, a Facebook application that spread virally among users caused an error message for Facebook users.

Although the application and message were themselves harmless, searching the error message "Error Check System" in Google came up with a number of websites that claimed to have information on the supposed threat, but were really designed to perform a fake anti-virus scan of your computer.

Graham Cluley, senior technology consultant with anti-virus firm Sophos, told the BBC that it was not known if the two were linked.

"This application automatically sent itself to all your friends, saying there was a problem.

"People panicked and did what most of us would do and put the term into Google to see what it was.

Fake software fake review
Fake reviews help build the credibility of bogus anti-virus software.

"Although Google has now addressed this, over the weekend, the first three or four links would take them to a dodgy site that would tell them that they were infected with a virus. It's rather a strange coincidence".

Hackers have also created fake reviews to trick users into buying fake anti-virus software. Websites from popular IT magazines are cloned, hosted on a hacker's website, and then pages created to look like an official review.

One, claiming to come from legitimate security firm Symantec had, in reality, nothing to do with the firm. Neither was the "review" written by the claimed author.

Speaking to the BBC, Tim Danton, editor of PC Pro magazine, said it was a growing problem.

"It doesn't take any expertise to copy a website and make it look realistic.

"What we have to rely on is that the public is aware enough to look not only at the logos but at the domain and URL. People need to download from reputable sites and if users are unsure, then tools like McAfee site advisor can help," he said.

"The fight between the bad guys making fake-anti virus software and the good guys trying to warn the public about their activities is a constant one. Trouble is, at the moment, the bad guys are winning".

But clicking on a rogue link does not mean you automatically become infected. Having up to date anti-virus software will prevent most infections and many web browsers also warn of possible hostile activity.

Cliff Evans, head of security and privacy for Microsoft in the UK, told the BBC that there were a number of measures users could take to keep themselves safe.

"If you keep your firewall turned on and have your anti-virus software up to date, you should be fairly well protected. The phishing filters on Internet Explorer 7 or 8 should also help.

"If users do have any kind of infection, Microsoft run a free online scanner at www.safety.live.com and there is also a support line for anyone who has virus concerns, on 0870 6010100"

E-mail this to a friend Printable version

Print Sponsor

SEE ALSO
Parking ticket leads to a virus
05 Feb 09 |  Technology
US shuts down 'scareware' sellers
12 Dec 08 |  Technology
Microsoft to offer free security
19 Nov 08 |  Technology
Clipboards hijacked in web attack
18 Aug 08 |  Technology
Zombie plague sweeps the internet
04 Sep 08 |  Technology
Trojan virus steals banking info
31 Oct 08 |  Technology
Q&A: Stay safe online
17 Nov 08 |  Technology
Yahoo search to 'battle spyware'
06 May 08 |  Technology

RELATED INTERNET LINKS
ITACS
Sophos
PC Pro
Microsoft Windows Live OneCare
The BBC is not responsible for the content of external internet sites

TOP TECHNOLOGY STORIES
US lifts lid on WikiLeaks probe
Bing gains market share in search
'Virtual human' makes Xbox debut

FEATURES, VIEWS, ANALYSIS
Horses sculpture in memory of Genghis Khan, Ordos, Inner Mongolia Ghost town
Has China's housing bubble burst?
Afo - the world's oldest clove tree The guerilla plant
How the world's oldest clove tree defied an empire
Sergei Polunin Walking away
Why Royal Ballet principal Sergei Polunin quit

Skip to top

PRODUCTS & SERVICES

Americas Africa Europe Middle East South Asia Asia Pacific