Symantec Warns Over Rising Use Of Scareware

Symantec has warned in a new report that online criminals are duping members of the public into purchasing rogue security software, by employing increasingly persuasive online scare tactics.

Symantec defines rogue security software (or ‘scareware’) as software that pretends to be legitimate security software. It warns that these rogue applications provide little or no value and may even install malicious code or reduce the overall security of the computer.

In its findings of its ‘Rogue Security Software report’, Symantec said that that cybercriminals are potentially growing very rich indeed by employing this technique. It says a new generation of organised criminals are earning more than 34 times the average UK worker’s salary every year.

For example, Symantec says scareware can net cybercriminals profits of more than £850,000 a year. In order to get to the £850k figure, Symantec looked at an average week’s sales on a leading rogue security software distribution site, where affiliates can register to obtain the appropriate files and links to market the scam. It then multiplied the figure by 52 and converted it into pounds.

And even more alarming is the fact that according to the study, 93 percent of the software installations for the top 50 rogue security software scams were intentionally downloaded by the user, believing they are doing the ‘right’ thing.

Professor David Wall, an expert in cybercrime from Leeds University told eWEEK Europe that scareware manufacturers are becoming increasingly adept at manipulating people emotions.

“The typical scenario is someone is busy working away on their PC and up flashes this warning. With sophisticated scareware, the warning looks like it has come from their own operating system,” said Wall.

“The warning will say something like ‘you are under attack and in 20 seconds, your hard disk will be erased. Please click here for remedies,’” Wall said. “People click the link and are hooked. In four minutes it is all over. Sophisticated scareware can claim to fix a problem. It is a scammer’s dream if people think they have brought a service, as there is little to no come back.”

Professor Wall also noted that scareware is moving away from criminal boundaries, and is increasingly lurking in a grey area, where it is hard to justified punitive action. “Some scareware is like a nasty form of entrapment marketing,” said Wall. “I have it on good authority that there is a distinct trend to make it more like a clean scam, but it is still wrong. Indeed, many victims actually don’t believe they have been a victim.”

He said that often police cannot act in these cases, and the Crown Prosecution Service will not think it is in the public interest to prosecute, and therefore cyber security companies don’t have the authority to intervene.

“Someone is getting away with a lot of other people’s money,” Wall said. “A lot of findings from various companies in the cybercrime industry all point to same trend. In the last 6 months of this year, there has been a marked increase in the amount of scareware circulating.”

“It is all about plausibility when these pop up warnings appear,” he said. “People trust these symbols because it runs their computers. If they tell people to download software and then people are asked to pay for an upgrade, the user doesn’t feel scammed. In earlier days a skull would have appeared on your screen threating to eat your hard drive. Now it has become silky smooth social engineering.”

“The public has to be more cyber savy and they must use their gumption,” said Wall. “People must also make sure they keep their operating system up to date, as well as installing some security software.”

As of June 2009, Symantec has detected more than 250 distinct rogue security software programs. The initial monetary loss to consumers who download these rogue products ranges from $30 (£18) to $100 (£61).