Scareware Scam Growing Problem

A place to discuss malware of every flavor, e.g. Storm, Waledac, Conficker and Zeus

Scareware Scam Growing Problem

Postby tex.writer » Tue Mar 16, 2010 6:11 am

‘Scareware’ Poses Danger to Consumers
http://www.avertlabs.com/research/blog/ ... re-danger/

On March 9 McAfee warned consumers that “scareware,” or fake anti-virus software, may be the most costly online scam in 2010, causing significant monetary loss and damage to users’ computers.
<snip>
For many of these “products,” only the name changes. This trick maximizes a malware developer’s chances to catch victims. The scareware companies create website after website with a single rogue offer repeated under various names. Fake-alert malware and scareware software are numerous. But scareware companies are restricted in number. Perhaps between 30 and 50. The names change, but the managers remain the same.

Many similarities to fraud pharma operations in this analysis of scareware operations.
tex.writer
Spam Reporter
 
Posts: 114
Joined: Fri Feb 20, 2009 5:14 pm

Re: Scareware Scam Growing Problem

Postby meep » Tue Mar 16, 2010 3:14 pm

Yes, this form of malware is definitely more pervasive.
User avatar
meep
Spammers' Nightmare
 
Posts: 2777
Joined: Thu Apr 05, 2007 4:10 pm

Re: Scareware Scam Growing Problem

Postby ahoier » Wed Mar 17, 2010 12:25 pm

Yea, I can see it. This particular scam has been around for ages, but people still fall for it. I know my mother did....I did the bad thing and got her on Myspace cause she had "friends" and relatives on there....well, she happened to find a "Your Computer is infected!" banner ad, and clicked on it, and ended up with "Secure Tool" scamware.....

Funny, cause after I clean it all up, she hands me a Kaspersky CD to install "so they can't infect her anymore" - I go....well mom, if you didn't "allow" the infection in Windows Defender you wouldn't have gotten infected in the first place! Told her to go return the unopened software (she paid like $70 for it she said!) and just watch out for the Windows Defender pop ups.....or just stay off myspace :P

No software is going to save anyone if they "allow" or "accept" the threat....heh
ahoier
Spammer Killing Machine
 
Posts: 593
Joined: Thu Apr 03, 2008 4:33 pm
Location: Florida

Re: Scareware Scam Growing Problem

Postby AlphaCentauri » Wed Mar 17, 2010 5:50 pm

I don't know about Kaspersky, but at least some scareware would be stopped by AV programs that include anti-adware/anti-spyware/anti-malware protection. They won't get 100% of it, especially if it's a banner ad leading to a website that can be updated as often as they want (as opposed to an email attachment that is frozen in time as soon as they hit "send"), but I wouldn't let her on the internet with no AV at all. :shock:
User avatar
AlphaCentauri
You are kiillllling-a my bizinisss!
 
Posts: 5989
Joined: Thu Mar 01, 2007 3:01 am

Re: Scareware Scam Growing Problem

Postby meep » Wed Mar 17, 2010 6:02 pm

Kaspersky AV is one I would actually pay for as a user who is not particular net-saavy. I rarely recommend any of the shareware Anti-Virus programs. I had a trial version of Kaspersky and was generally impressed. Still, being vigilant online does go beyond having up-to-date AV.
User avatar
meep
Spammers' Nightmare
 
Posts: 2777
Joined: Thu Apr 05, 2007 4:10 pm

Re: Scareware Scam Growing Problem

Postby AlphaCentauri » Wed Mar 17, 2010 6:06 pm

The main downside to Kaspersky is that it's so popular the malware writers specifically test against it to see if they can evade detection. The same holds for other programs like Norton. They are victims of their own good reputations.
User avatar
AlphaCentauri
You are kiillllling-a my bizinisss!
 
Posts: 5989
Joined: Thu Mar 01, 2007 3:01 am

Re: Scareware Scam Growing Problem

Postby ahoier » Wed Mar 17, 2010 8:25 pm

Yea, I got her Avira and it seems alright. But my whole deal was, if she's gonna "allow" Windows Defender and the UAC prompts(which she did, lol; I confirmed it by looking in the Windows Defender History, it showed she allowed the Run entries, and some other registry variables....), then she would likely just "allow" whatever Kaspersky "tries" to block ;)
ahoier
Spammer Killing Machine
 
Posts: 593
Joined: Thu Apr 03, 2008 4:33 pm
Location: Florida

Re: Scareware Scam Growing Problem

Postby tex.writer » Wed Mar 17, 2010 10:32 pm

I also help "Mom" with all her computer problems. Her expenses for security & malware removal over the past few years have ranged from $50.00 for a security package to $99.00 for a visit to the local outlet of national tech support service. Real & potential expenses have ranged from the low of $50 to a high of $800.00(cost of tech service recommended replacement computer (aaargh) + security software.)

Microsoft, in a recent blog about the Waledac takedown estimates that 70,000-90,000 computers were 'freed' from the botnet controllers. These 70,000-90,000 computers can no longer be controlled by the Waledac botmasters. However, they are far from being 'fixed.' Microsoft reports the computers remain infected with Waledac and other malware and some are still sending spam.

Some estimate of the enormous expense associated with fixing computers damaged by any type of scamware or malware can be made using the Microsoft estimate of the size of the Waledac botnet.

Taking that $70 dollars Ahoier's mom believed was necessary for security software & multiplying it by 90,000 (the high-end estimate of computers recently freed by Microsoft, but still infected with Waledac and other malware) the minimum cost of fixing just the computers in the Waledac botnet = $6,300,000.00

If we go the budget route on those 90,000 computers, another estimate of the minimum cost of malware removal and protection is $50.00 x 90,000 = $4,500,000.00.

If "Mom" did not have a tech-savvy person to help her, or if the infected computer belongs to a business who pays for staff or outside suport for malware removal & protection support, a minimum cost estimate is $99.00. $99.00 x 90,000 = $8,910,000.00.

After one has been infected with something that requires professional support, the tendency is to purchase a better security package. This increases the cost of fixing a computer infected with malware. Total minimun estimated cost for 90,000 computers that require professional support + new security software is $8,910,000.00 + $4,500,000.00 = $13,410,000.00

So, a very non-scientific estimate of the minumum potential costs to fix and protect the number of computers found in a reportedly small botnet such as Waledac range from $4,500,000.00 to $13,410,000.00. These estimates are only one part of the total cost of cybercrime. Additional costs include the mitigation and avoidance efforts made by legitimate network providers and security services to prevent or stop cybercrime activities.

Whenever I read news about a spammer receiving a small financial fine or a minimum prison sentence, I know the legal system here and elsewhere continue to operate in the dark about the actual personal and business damages associated with cybercrime.
tex.writer
Spam Reporter
 
Posts: 114
Joined: Fri Feb 20, 2009 5:14 pm


Return to Malware

Who is online

Users browsing this forum: No registered users and 1 guest