Computer Security Software » cyber crime

The Profitable World of Fake Antivirus Software

LouiseG — Thu, 07 Jul 2011 11:03:50 +0000

The fake antivirus software industry makes underhand firms hundreds of millions of dollars in revenues. Researchers at the University of California at Santa Barbara (UCSB) studied back-end servers containing fake software samples, databases of installations, purchases, refunds and technical support conversations dating from March 2008 through to August 2010.

The research performed by UCSB, which is probably the first study of its kind, discovered less than 10% of victims who fall for fake antivirus software try to get their money refunded, what’s more surprising may be that some firms do refund money to victims.

The Cost of Fake Antivirus Software

Fake antivirus software costs victims between $49.95 to $69.95 for six-month licenses, and $79.95 to $89.95 for lifetime licenses. Three operations were investigated as part of the research with revenues generated by firm 1 (AV1) of $11 million, firm 2 (AV2) $5 million and firm 3 (AV3) a massive $116.9 million.

The conversion rates of purchases of the fake software varied between 2.1 and 2.4 per cent. For AV1 they installed around 8.4 million trial versions of fake software and this generated 189,342 sales to the “full version” within 3 months. A 2% conversion rate is high and it’s worrying so many people fall for this scam.

Refunds of Fake Antivirus Software

The study showed AV1 granted 5,660 refunds, or 3% of its sales; AV2 granted 11,681 refunds, or 8.5% of its sales; and AV3 granted 151,553 refunds, or 7.1% of its sales. Most victims even got their refund within seven days.

The AV firms in the study would monitor the amount of refunds requested from victims’ credit card companies. When chargebacks increased over a short period of time the fake virus firms would grant more refunds, as this lowers the rate of chargebacks and allows for the firms to operate their business for a longer time period.

However, refunds are kept to a minimum in order to keep their relationships with the credit card payment processors good. An unusually high number of refunds would alert payment processors to the fraudulent activity.

Sometimes payment processors are in on the fake software operations. One email conversation discovered during the research warned an AV firm to change its product name so as not to end up on Google as a fake antivirus product. The reason behind this loyalty could be attributed to the payment processing firms charging 8-20% per transaction to “high risk merchants” with high volumes of chargebacks.

Fake AV firms are typically run by organised criminals who rely on affiliates to act as sales people to infect as many computers as possible. Affiliates for fake antivirus software can earn a lot of money with commissions of anything up to 80% per sale, one affiliate earned a whopping $1.8million in only two months.

How to Prevent the Purchase of Fake Antivirus Software

Fake antivirus software firms can be very sophisticated even offering technical support via call centres in India, which makes it very hard for people to spot they are not using authentic antivirus software. To prevent yourself from purchasing fake software you should always research the product you intend to purchase by reading antivirus reviews.

Guest Article by Louise Goldstein

Japanese Tsunami Scams

Neil Camp — Thu, 24 Mar 2011 13:24:26 +0000

It may be hard to believe, but the antivirus security industry has reported that cybercriminals are already exploiting the horrific situation in Japan.

The antivirus security industry said that soon after the disaster began to be reported worldwide across the internet, cybercriminals were establishing scams and doing as much as they could to exploit the situation.

It’s become a trend that once a big news event begins filling the ether, cybercriminals quickly set out to highjack the search terms and in effect, poison the results which relate to the story. This might happen in the case of news about a particular celebrity (the death of Michael Jackson was a great example), or a natural disaster (such as the New Zealand earthquake).

Antivirus security companies are warning their customers to be very wary of some of the search results when looking for “Most Recent Earthquake in Japan”. This search term is leading to many fake AV variants.

Another antivirus security company reported that they had spotted a Japanese Tsunami related Facebook scam. This was based on a survey and encouraged participants to give away personal data.

The industry is warning all computer users to be extremely vigilant when it comes to clicking on certain search engine results. They explain that cybercriminals move extremely fast to control the ‘search engine’ real estate on certain suddenly popular search terms. And because they can invent news and facts, they can react more quickly than genuine news sites and forums, that take longer to check out facts, or process basic information.

One way to try and avoid being caught by the spammers, is to use a service such as Google News Filter, which applies its own vetting procedure to search results. Furthermore, incoming emails with links on the subject of the earthquake, or Facebook posts that contain links, should be treated with suspicion unless they can be verified as being legitimate.

As always, a degree of cynicism appears to be the best approach.

Guest Article by Neil Camp

Wolves in Sheep’s Clothing

Neil Camp — Fri, 18 Mar 2011 15:51:48 +0000

Data capture by cybercriminals is most definitely on the increase and we all should know the dangerous implications of being robbed online.

But are we so certain that we’re not victims of a more subtle form of data capture, one practised by the big legitimate companies.

Just because it’s a high-street operation, and one that has a very recognisable brand, does not mean that they are immune to trying to wheedle out as much information as they can from their customers.

Nowadays marketing efforts live, or die on personal data. Customers are not merely sold to, or encouraged to buy, they are targeted. Firstly, they are defined and secondly, they are profiled. This is because, and let’s be honest here, companies don’t want to waste efforts selling something their customers don’t want.

Take the large ecommerce operations which quickly build profiles of their customers because they closely monitor their buying habits. Say one customer has bought a particular type of book in the past, the online retailer will store this information in a complex database and regularly send out up dates to let the customer know of other books they might fancy within the genre, or just any books just published.

Despite some reservations, the system actually works as it allows the customer to be targeted correctly which leads to a lot less time being wasted for the company and their customers.

There are two downsides of course. Firstly, the very real danger that the data might get into the wrong hands and be used for nefarious means. Secondly, this sort of marketing destroys the sense of serendipity when it comes to shopping.

Take the first point. Companies are becoming ever more sophisticated at capturing data, so much so, that anyone completing an online data form, should always check out the small print terms and conditions. The rise in social media has resulted in so much personal data being out there (and inter-linked), that some companies will see that information as worth mining and storing on their database. Thus, a company might not just be acquiring your data, but your network of friend’s data as well.

Now, arguably, with a responsible company, that does not matter, because, given they have a reputation to keep and Data Protection Laws to adhere to, they will bend over backwards to protect their databases. But, with less scrupulous companies, there might be a temptation to sell their data on, or ‘lose it’ through poorly protected IT systems.

And this ‘precision bombing’ approach to marketing does lose the sense of serendipity, of browsing through products that you haven’t bought before, just because the company can’t be that clever (based on moods and whims) to calculate your future tastes. At least not yet!

But the point is, always be careful when you handover your personal data. Mostly it will be used responsibly, but if you have any doubt, it’s best to run for the hills and refuse to hand it over!

Guest Article by Neil Camp

Social Networking Internet Security Attacks

LouiseG — Mon, 24 Jan 2011 08:10:09 +0000

Social networking is a popular online activity. Millions of people have social profiles on sites such as Facebook and Twitter. Due to their popularity these sites they are prime targets for cyber crime attacks. Internet security threats via social networks are on the up, so it is essential you are aware of the risks.

Twitter and Facebook are very appealing to hackers as they are very easy to reach millions of computer users very quickly. Internet scams and spam messages are sent from supposed “friends”, which instantly give a false element of trust. When browsing your favourite social network typical behaviour involves clicking shared links which if caught of guard could harm your computer.

As well as social networks being used to spread links which direct you to sites with malicious code and fake antivirus software, your data can be harvested to be used for fraudulent activity. As these attacks are becoming increasingly common luckily a lot of social network users are becoming wise to suspicious activity.

The reason for the growth in social networking internet security attacks is due to the continued improvement in spam email filters, coupled with the fact computer users are becoming more email security conscious. People realise when they have received a scam email as the same old tricks have been used by Internet criminals for years now.

Social networking remains a relatively new phenomenon. Many young people use them who do not have internet security high up on their agenda. Sometimes scam messages will come from friends’ accounts which have been hacked so it can be difficult to spot harmful content.

According to the National Fraud Authority in the UK threats to internet security threats from malware and spyware via social networking has increased 90% since 2009, whilst spamming has doubled over the last couple of years.

To protect you and your computer whilst using social networks, be wary of any links to stories or videos that sound too unbelievable. Also be aware of people who want to connect with you who you don’t know.

Guest Article by Louise Goldstein

Get Safe Online Warns Computer Users

Neil Camp — Thu, 18 Nov 2010 15:48:08 +0000

Get Safe Online, a campaign group which promotes good anti-virus security practice, is warning computer users about cold calling techniques used by organised crime gangs.

Anti-virus security is back on the top of the agenda after it’s been revealed that gangs are becoming ever more sophisticated when it comes to persuading people to download malicious software and then steal personal information.

The gangs are said to have established sophisticated call centres, mainly in Eastern Europe and Asia, in which hundreds of people are employed to cold call contacts in various countries – the UK included – and persuade them that their computer is infected and that the only way to fix the problem, is by downloading particular software onto their computers.

Another way to persuade people is via screen pop-ups which flag a erroneous message which claims that the computer is infected and that the proffered download is the only way to the ‘clean’ the software.

Google confirmed some months ago that it was seeing a huge amount of fake anti-virus software being pedalled on the internet.

The download malicious software is cleverly designed to look like the anti-virus security applications developed by the top companies which produce anti-virus products.

The criminal gangs either use the information they harvest themselves, or sell it to other gangs via online market places.

The UK police take the problem seriously and plot the criminals activities via the Serious and Organised Crime Agency, which is known as Soca. The deputy director of Soca, Sharon Lemon, said:
“In recent cases, we have seen gangs employing 300 to 400 people to run their operations and using call centre-scale set ups to target victims en masse.

“They can also be paying out as much as $150,000 (£92,000) a month to individual webmasters who are unwittingly advertising their fake software – this level of investment from criminals indicates that the returns are much heftier than this.”

The Head of Get Safe Online, Tony Neate, said:
“This is big business, and it’s preying on people’s fears of the internet. The internet is a great place but when somebody phones you up and tells you have a virus on your machine, you will start to panic.”

Experts reckon that some criminal gangs who promote fake anti-virus software applications can generate sales of over four million pounds a year.

Guest Article by Neil Camp