Security Corner

Aug 16 2010   12:05AM GMT

What the Heck is FakeAV?

Ken Harthun

I’d love to have a dollar for every time I’ve had to clean off FakeAV junk from a PC and then (diplomatically) explain to the user that they’ve been tricked. “But Windows Security Center popped up and said my PC was infected,” they cry. I feel for them; it’s definitely a slimy trick by slimy Internet criminals. So, I figured I’d better explain what this threat is and how to spot it before it lightens the wallet. First, a definition from Sophos’ excellent publication (recommended reading) What is FakeAV?:

FakeAV or Fake AntiVirus, also known as Rogue AntiVirus, Rogues, or ScareWare, is a class of malware that displays false alert messages to the victim concerning threats that do not really exist. These alerts will prompt users to visit a website where they will be asked to pay for these non-existent threats to be cleaned up. The FakeAV will continue to send these annoying and intrusive alerts until a payment is made.

For those of us who are savvy, these things are easy to spot; we’re usually aware of what AV software we use and know that what’s warning us isn’t our system. But, for the uninformed, such convincing names as those listed below usually work:

  • AntiSpyWarePro
  • Antivirus Plus
  • Antivirus Soft
  • Antivirus XP
  • Internet Security 2010
  • Malware Defense
  • Security Central
  • Security Tool
  • Winweb Security
  • XP Antivirus
  • Digital Protector
  • XP Defender

Pop-ups also catch people, especially because they resemble what Windows would do. Here’s what one unlucky user had to say in a forum: “I learned a $90 lesson yesterday. If a window pops up (even if it looks just like Windows) and tells you your computer is ‘infected’, DON’T acknowledge it. Don’t click ‘Yes/Scan’, ‘No’ or anything. Just turn off your computer.” To that, I would add one more step: Call your friendly local Geek for a good PC clean-up and protection session. Here’s a shot of a typical “System Scan” screen.

And one more thing: Please don’t click on links or open files in emails if you don’t know where they came from, even if they look legitimate.
