Dean F. Asks:
The other day I had a box pop-up on my screen that said my computer was infected (it didn’t say with what) and that I needed to do an immediate scan with their online scanner and then purchase the program to get rid of it. I thought it was from Microsoft, but I didn’t click on it because I have my own anti-virus and anti-spyware protection. I ran scans after that and had no infections, but this makes me uneasy. Was the warning right and caught infections that I have that my programs didn’t?
Congratulations, Dean! You were so right in not having any part of that “warning”! What you experienced is a (pop up) hit by a rogue anti-spyware program, commonly referred to as rogueware. And in case you’re wondering: most pop-up blockers cannot block rogueware attacks. Not yet, anyway.
A rogueware program claims to be an anti-spyware program and it’s not; in fact, it’s just the opposite. These programs are the ones that pop up and say, “Warning! Your computer may be infected with spyware! Click for a free scan.”. Well, you may not have an infected computer when you got this pop-up, but let’s just say that if you clicked for a free scan from that program, you do now. Actually I stand (or sit) corrected: Most rogueware programs of today infect your computer the minute that their pop-up appears. The fact that you ran scans and your programs found nothing indicates to me that you were lucky and only got one that wanted your credit card, not one that wants to hijack your computer and get your credit card.
Some basic facts:
Rogue software (also called scareware and extortionware) is now the largest and most prevalent form of online fraud. The amount of money that rogue software is raking in is astounding. A Panda Security Analysis estimates that some 35 million computers are infected each month, and that last year’s revenue from rogue software was in excess of $400 million dollars. While normal (normal?) spyware comes in and takes your information without being asked, it still has to find ways to make money by using that information. Rogue software, however, does not. Rogue software make their money by preying on the panicked computer user (Warning! Your computer might be infected!)– and tricking them into paying for the fake anti-virus/malware program because they felt they needed to. Now the bad guys have not only your $49.95 (sometimes more, sometimes less) that you paid for the program, they are now in possession of your credit card, address, etc. – and you gave it to them! Knowingly! And here’s more great news: These people first make money off of you, and then they resell the data they have acquired – from you – to other companies that will find other ways to use it to make more money. Online fraud is spiraling out of control, and it doesn’t look to get much better.
The types of rogueware programs I mentioned that actually hijack your computer are labeled “super” rogueware, and are the ones that look more or less identical to other anti-virus/anti-spyware programs. These are the ones where you don’t have to click on anything to infect your computer, the pop up is enough to do it for you. After your computer is hijacked, it takes over all security features that you have installed and won’t let you install anything else. Trying to run scans are a joke; rogueware won’t let any spyware removal tools work at all. My all-time personal fave (since it took me almost two hours to get rid of it and I had to use a second computer to do it) is Anti-Virus XP 2010; it looks a lot like Windows Security Center. Let’s compare the two:
Here’s a screenshot of Windows XP Security Center:
And here’s one of Anti-Virus XP 2010:
They might not be identical, but they look close enough to me to cause a bit of a panic.
Is it live or it is Memorex? How can you tell?
First off, Microsoft (or any reputable company) will not send you a pop-up when you are infected; that’s what your anti-spyware and anti-virus programs are there for.
Second, no reputable company whose software that you did not install – will charge you up front to get rid of any infections.
Third, if you look (really look) at the name and it is not your program, there you go.
Enough already. How do we stop the madness!?
Awareness is the key to being one step ahead, and you have that one nailed. Aside of that, there are things you can do that you may or may not have thought of to not ever contact this stuff. Click here to read about what you can do to prevent spyware in general. One important tip advises you to not click – never click! – on anything – everything! – when you don’t know what it is. Even if it looks like you need to, you really want to, you know it’s safe – don’t click!
That’s one basic step. With this rogueware stuff, I would just adhere to one specific rule:
Make sure you have up-to-date security software installed.
That’s it. Then when you get infected, your program will provide the pop up alerting you – not some bogus piece of rogue software. In addition, if you have up-to-date security software installed, you can ignore any pop ups that do come your way –safely – and with peace of mind.
Scary stuff, huh? It’s just another type of ware to make sure and protect ourselves from.
Thanks for the question, Dean.
Click here for an extensive listing of rogue software.