Welcome to Computer Advisory Services Newsletter.

Increase in fake antivirus products infecting computers

PandaLabs, Panda Security's laboratory for detecting and analyzing malware, has noted an increase in cyber-crooks' use of malware in the guise of fake antivirus products to defraud users.

These applications, classified as adware by PandaLabs, pass themselves off as antivirus utilities. They often appear on the Internet as free downloads. Alternatively, they can be concealed in other files downloaded by users, including music or video files.

Once on a system, they often operate as follows: they tell the user (who is often unaware that the application is on their system) that a virus has been detected. They then invite them to buy the full version of the antivirus to disinfect the computer (you can see an example of these fake antivirus programs here).

 If users don't purchase the antivirus, it continues displaying nonexistent infections and pop-ups inviting users to purchase the security software, which in reality does not detect or delete anything. If they buy it, they will have paid for a useless program. This is how cyber-crooks reach the main objective: to profit financially through malware.

Additionally, to prevent users from checking whether they are genuinely infected or not, these programs usually try to block the web pages of real online anti viruses, security companies, etc.

 "Initially, these fake antivirus programs were quite elementary, however, they are becoming more sophisticated to prevent detection by real security solutions. Many have become polymorphic (they change their form every time they are installed on a computer). This investment proves cyber-crooks are obtaining significant financial benefits, and consequently, many users have fallen victim to this fraud," explains Luis Corrons, Technical Director of PandaLabs.

How to avoid falling victim to these fake antivirus products

- Be careful with what you install: On many occasions these programs are associated to other downloads. i.e. users could download a legitimate program and one of these programs could be included in the package. Usually, there is a non-installation option. PandaLabs recommends users to carefully check the programs that are entering the computer during the download.

- Ignore e-mails with eye-catching news or subjects: Many of these programs have been distributed in recent weeks using social engineering techniques - sending e-mails with eye-catching subjects (you can see an example here). These e-mails invite users to click a link to watch a video or images of the false news. If they do, they will be allowing some kind of malware to enter their computer, e.g. fake anti viruses.

- Be wary at the slightest indication of trouble: If a program you don't remember installing begins to display false infections or pop-ups inviting you to compare some type of antivirus, watch out. Most likely one of these malicious programs has been installed (example of pop-up of a fake antivirus)

- Keep all the programs up-to-date: An outdated program could be a vulnerable program. Consequently, you should keep all applications installed on the computer up-to-date, since many malicious codes use existing computer vulnerabilities to enter and infect them.

- Scan your computer with a reliable security solution: You are advised to periodically scan your computer with a trusted security solution. This way, if one of these samples is resident on the computer, it can be detected and eliminated. Panda Security provides, at Infected or Not, free online scan tools for home-users and companies.

If you are experiencing difficulties with any area of protection on you computer,
please contact us for further details.