By Brad Bromelow, VP Operations
Use of fake anti-virus, anti-spyware software is a fast-growing scam, especially as more people become aware of the dangers of spyware, adware and malware. Fake antivirus programs, or scareware, are very common and provide a way for scammers to make easy money. The scammers prey on the fears of Web surfers who are misled into believing their systems are infected and then pay, typically, $50 for a program that not only doesn't protect their computers, but often turns out to be malicious. By following the tips below, however, users will be better protected from becoming the victim of scammers, identity thieves and hackers.
Some general security practices to avoid malware attacks include not opening attachments from unknown senders, changing passwords regularly, and using additional measures such as firewalls or anti-spam software. The complete list of prevention tips for fake antivirus attacks along with a common list of fake software can be found below.
- Never open an email attachment unless you are POSITIVE about the source. Don't trust unsolicited files or embedded links, even from friends. It's easy to spoof email addresses, for instance, or to disguise a harmful link so that it looks like something quite different, whether it's in email, chat or whatever.
- Do NOT click on any pop-up that advertises anti-virus or anti-spyware software, especially a program promising to provide every feature known to mankind. (Also remember: the fakes often mimic well-known brands such as Grisoft AVG, Norton and McAfee.)
- If a virus alert appears on your screen, do NOT touch it. Don't use your mouse to eliminate or scan for viruses, and DON'T use your mouse to close the window. Instead, use alt+F4 to close the window. Call your computer maker's phone or online tech support service to learn if you can safely use your computer.
- Do not download freeware or shareware unless you know it's from a reputable source. Unfortunately, freeware and shareware programs often come bundled with spyware, adware or fake anti-virus programs.
- Avoid questionable websites. Some sites may automatically download malicious software onto your computer.
- Although fake software may closely resemble the real thing, it's rarely an exact match. Look for suspicious discrepancies, or contact support for verification.
- Don't disclose sensitive information on public websites like FaceBook or LinkedIn. Even information that in itself is innocuous can be combined with other harmless information and used in social engineering attacks.
- If sensitive information is stored on your hard drive, protect it with encryption and by regularly backing up your data to a separate disk and, where possible, a remote site or facility.
- Don't use cracked/pirated software! These are easy avenues for introducing malware into, or exploiting weaknesses in, a system. This also includes the illegal P2P (peer-to-peer) distribution of copyrighted audio and video files: some of these are counterfeited or modified so that they can be used directly in the malware distribution process.
- Don't connect to just any "free Wi-Fi" access point: it might alter your DNS queries or be the "evil twin" of a legitimate access point, set up to intercept your logins and online transactions.
- Check out this list of rogue/fake anti-virus and anti-spyware products.