These days even the web crime is following the innovative and smart ways to solve its purpose. Beyond stealing of information, the trend is to download the malicious information via user’s confirmation. This functionality of the Rogue security software is sufficed to describe it well. Rogue security programs are the latest threat to exploit social engineering techniques for monetary rewards on the Web.
A comprehensive peek into the smart strategy adopted by it would alarm you and make you think of the ways you can escape from it. But no escape, like it or not, you have to bear it. With the click of your mouse, you are downloading the software every second day thinking it to be your saviour. Neither you are at fault nor the software; it is the inherited trick of the software that plays its magic.
The rogue software is designed to look and feel like legitimate security software that is running in trial mode on the user’s PC.
The software uses malware (malicious software) or malicious tools to advertise or install itself or force computer users to pay for removal of nonexistent spyware. Rogue software will often install a Trojan horse to download a trial version, or it will do other unwanted things. Examples of the myriad phony software packages that have propagated are Winfixer, SpywareQuake, ErrorSafe, ErrorGuard, SpyShield, ApyAxe, SpywareNuker, and most recently, Spyhealer, DriverCleaner, and SystemDoctor.
Trend Micro Incorporated, an established name in the network antivirus and content security software and services has lately announced that rogue security programs have increased from two percent in early 2006 to over 10 percent in March 2007. Unlike other threats that burst onto the scene with high levels of infection, these types of threats have been steadily increasing.
“Rogue security programs are clearly on the rise”, says George Moore, threat researcher at Trend Micro. ” Once the software is downloaded, get ready to bear the self-generated warnings like your PC has been infected using pop-up windows, hijacked browser homepages, hijacked desktop wallpaper when in reality either no infection exists.
The programs can be installed in many different creative ways viz. It enables the malware author to stealthily install the program when a user simply opens an email or views a Website. Other ways include when a user visits a site with video content, the site may instruct the victim to download a video codec in order to view video content. But instead of downloading a codec, the rogue anti-spyware is downloaded, and a simple command plays the video. Pop-up banner ads that entice users to download “needed” software also provide a means for malware authors to download this rogue software.
To avoid infection by rogue security programs, Trend Micro has some advice for computer users:
· Users should purchase and use legitimate, trusted, name-brand security software.
· If notified of an infection, seek a second opinion from a reputable online scanning service such as Trend Micro HouseCall.
· When purchasing security software, check online reviews and feedback from users, as well as review the software Web site before purchasing it
· Look out for the padlock symbol in the bottom right hand corner of your window, indicating you are visiting a secured site.
[Via Trend Micr]
