Being scammed – twice! Fake anti-virus software
A tale of woe
A couple years ago, a friend of mine asked me to look at his computer. He was having some trouble getting it to run correctly. It was slow, popped up strange windows, and gave him all kinds of strange alerts. He said this was odd because he just spent $50 on some software he downloaded to protect the computer.
As soon as I saw his computer, I realized he had been scammed – in a very bad way.
My friend had been surfing the Web when a window popped up saying that he had a computer virus. It offered to fix it free. He then downloaded the software. A week later, the computer locked up with a message saying he needed to pay the $50 cost of the software to proceed, or his computer would no longer be protected.
He paid the $50.
The anti-virus software he downloaded was actually scamware. It loaded software designed to take over his computer – and charged him $50 for the privilege! That is tough news to break to a good friend.
While I was able to clean his computer, and set him up with some legitimate virus protection, this is not always possible. Often, it is necessary to reformat the computer’s hard drive to free it of the virus. This means losing all of the data and files on the computer.
According to McAfee, scamware affected nearly 70,000 people in the first quarter of 2009 alone, and the number is rapidly rising. The tricks scammers use to get people to download the software are becoming increasingly tricky. They give even a well-seasoned Web developer a pause now and again.
The problem is that the pop-ups look very much like a message from your computer, rather than a Web page. The even mimic an entire virus scanning process. Recently, I had to go into my Task Manager (hit Ctl+Alt+Del to get there), to shut down my browser in order to stop one of these sites.
Spotting the foe
A McAfee Security Insights Blog post has some excellent tips (and a great video), on how to spot these scams. I recommend reading it thoroughly.
In short, if you did not ask for a virus scan, your computer should not be performing one. If it starts to run a scan, and it does not look exactly like it does when you ask it to, go to the Task Manager (Ctl+Alt+Del), and shut down your browser.
Never download anything (virus protection, screensaver, etc.) unless you specifically looked for the program yourself. Take the same tactic I take with telemarketers; if you did not ask for it, do not buy it.
One last tip - if the grammer/spelling is poor - it isn't legitimate. It is hard to see in the graphic above, but the first sentence says "Warning!! Your system might be at risk!!" Never trust anyone who uses too many punctuation marks.