Thursday, April 29, 2010

Google Issues Warning Over Fake AV Programs

Google has issued a warning that fake AV and anti- spyware and malware programs account for as much as 15% of all malicious software. Once these fake security programs are installed, they collect personal information and send it to others (botnet), and/or compromise the user's computer in other ways. Perhaps worst of all, many victims wind-up "buying" the program which then infects their computer!

Common methods of infection include the pop-up box, which appears whenever you land on infected sites, and claims to have detected infected files or security shortcomings on your PC; the e-mail which claims your system needs updates, and offers either a link to an "update site" or a file attachment to be installed; the e-mail purportedly from a known company, or entity with which you do business, asking to verify your account and/or personal information; and more. While most people know better than to download or install executable programs received in e-mail, many of these attachments are PDF files, which are quickly becoming the more popular way of distributing infectious code (Adobe recently released an update to combat this).

Many times, the user is asked to download and install a file or program, or allow an offsite service access to their system to run "tests" or cure infected files, but he may also be told that he is updating his operating system, or a program already installed. If you already have anti-virus software, then you do not need more. If your programs and OS are set to automatically update (suggested), then you should not worry about that. Few companies or programs send updates via e-mail, anyway - usually, the program will tell you that updates are available whenever you run it. Common sense can help you avoid many of these ruses, but hackers are crafty and change their methods often.

Google said that while most of these malicious programs and code were distributed via advertisements, some hackers create false information sites based on popular news items and trends, which infect visitors' machines whenever they click on malicious links.

© C Harris Lynn, 2010

No comments: