There has been an increase in the incidence of fake anti-virus products being used to infect users with malware.
PandaLabs, Panda Security's laboratory for detecting and analysing malware, has detected an increase in the number of these applications, usually appearing on the Internet as free downloads and passing themselves off as anti-virus utilities. They can also be concealed in other files – such as music or video – downloaded by users.
Once on a system they tell the user (who is often unaware that he is running any such application) that a virus has been detected, and invites him to buy the full version of the antivirus to disinfect the computer.
If users don't purchase the anti-virus product, it continues displaying non-existent infections and pop-ups inviting users to purchase the fake security software – which in reality does not detect or delete anything. If the user does buy it, he will have paid for a useless program.
Additionally, to prevent users from checking whether they are genuinely infected or not, these programs usually attempt to block the web pages of real online anti-
virus scans as well as security vendors' sites.
"Initially, these fake antivirus programs were quite basic; however, they are becoming more sophisticated to prevent detection by real security solutions," explains
Jeremy Matthews, head of Panda Security's sub-Saharan operations.
"Many have become polymorphic – which means they are able to change their form every time they are installed on a computer. This investment proves cyber-crooks are obtaining significant financial benefits, and consequently, many users have fallen victim to this fraud."
He offers some advice on how to avoid falling victim to these fake antivirus products:
* Be careful with what you install: On many occasions these programs are associated to other downloads. i.e. users could download a legitimate program and one of these programs could be included in the package. Usually, there is a non-installation option. PandaLabs recommends users to carefully check the programs that are entering the computer during the download.
* Ignore e-mails with eye-catching news or subjects: Many of these programs have been distributed in recent weeks using social engineering techniques – sending e-mails with eye-catching subjects. These e-mails invite users to click a link to watch a video or images of the false news. If they do, they will be allowing some kind of malware to enter their computer.
* Be suspicious of unusual behaviour: If a program you don't remember installing begins to display false infections or pop-ups inviting you to compare some type of antivirus, watch out. Most likely one of these malicious programs has been installed .
* Keep all your programs up-to-date: An outdated program is a potentially vulnerable program. Consequently, you should keep all applications installed on the computer up-to-date, since many malicious codes use existing computer vulnerabilities to enter and infect them.
* Scan your computer with a reliable security solution.