Google: Fake antivirus is 15 percent of all malwareKn

According to a Google study, 15% of all malware consists of fake anti-virus (or Rogue Antivirus) software.  What does that mean to the average user, probably nothing, but are you sure that Antivirus warning you just received is really from your antivirus software?

Practically, this means that you need to be more aware of your antivirus software:

  • Know the name of your antivirus software
  • Make sure that your subscription is up to date, and that updates are occuring for both the Antivirus “engine” and the “definitions” file.  The Engine is the software itself, the definitions are what identify a virus to the engine.  So if your subscription expires you may still see engine updates, but your “play book” will be out of date and your software won’t recognize newer viruses.
  • If you receive a virus warning, make sure that pop up window refers to your antivirus software.  For example, if you run Sophos’s antivirus product, and you see a warning from “Windows 2010 Antivirus Defense”, chances are it’s a fake warning.  (Please note, you may also have “Windows Defender” running, that’s a anti-malware package from Windows).
  • If you see a valid warning, close all your applications, especially web browsers.  Don’t download anything, and run your antivirus software with a full scan…  If it detects anything attempt to clean it.
  • If you become infected, try running the Security Tango.
  • Why all this work?

    More recent fake AV sites have evolved to use complex JavaScript to mimic the look and feel of the Windows user interface,” the report continues. “In some cases, the fake AV detects even the operating system version running on the target machine and adjusts its interface to match.”

Fake antivirus is easy money for scammers, Provos said.

“Once it is installed on the user system, it’s difficult to uninstall, you can’t run Windows updates anymore or install other antivirus products, and you must install the [operating] system,” rending it unusable until it is cleaned up, he said.

Provos said when encountering a fake antivirus message, Web surfers should close the browser and restart the program. People who are duped by the scam may have to get professional help in cleaning up the computer, he said. They should also monitor their credit card accounts because scammers can use the credit card information for identity fraud.

  • Check the reputation of the antivirus packages that you are running, there are smaller companies that make antivirus packages that are not dependable.  Consider using AVG, Avast!, eTrust, and Panda Software’s Antivirus 201x for Antivirus.  For Antimalware, SuperAntispyware, Malwarebytes, and Windows Defender.  If your software is not on this list, please check reviews on cnet.com, or another trusted source.

Check out Google: Fake antivirus is 15 percent of all malware