Tag: scareware

Google Secure Search–more than just privacy-enhancing

Article

Scareware slingers stumped by Google secure search • The Register

My Comments

Google has allowed users to perform a “Secure Search” option where their search-engine transactions are encrypted between the Google servers and their computer. This can be either facilitated through the user typing https://www.google.com or setting it as a default for their Google services account.

Obviously this feature is intended to provide a private secure-search sessions over open networks like Wi-Fi hotspots that are set up in the common open manner. But this also has a side benefit where destination Web sites don’t know what search terms are passed to them, thus making it harder to tune search search listings without the use of tools like Google Analytics.

The key obvious benefit is to stop the appearance of “poisoned” search listings that lead users to “scareware”. These are Trojan Horses which appear to be legitimate system utilities but are intended to separate the user from their money by spruiking horrendous system conditions to the user. Of course, I have had to deal with this menace by removing these programs from various friends’ computers.

The only limitation with this setup is that it only applies by default for people who are currently logged in to a Google service of some form like GMail. For users who share computers, they would have to start a Google-services session then head to the Google.com Website to start searching; or simply remember to type the https prefix. This can be achieved through the Google bookmark, favourite item or Intranet page hyperlink pointing to https://www.google.com .

At least this is another Web security item that offers more than is typically highlighted.

Fake “virus-infection” phone calls–be aware of them

News Article

Phone scammers target computer owners | ABC News Australia

Alert over scam phone calls about bogus computer virus | Wolverhampton City Council (United Kingdom)

My Comments

Just today, a friend of mine who I live with received a phone call on our house phone saying that their computer is infected with a virus and she was being instructed to do certain procedures on the household computer. Luckily she told the caller to hang up and put the phone down and didn’t head towards the computer. This was very good for someone who hasn’t much familiarity with computer technology.

This is part of a scourge that is affecting home and small-business computer users and computer novices are more likely to be at risk of this fraud because they may not know the difference between a virus attack or a computer being very sluggish.

There has been some press coverage and coverage in government consumer-protection Websites and bulletins around the world concerning this topic, with a lot of weight placed on reference to the scammers claiming they represent Microsoft. But the scammers can pretend they represent other legitimate IT companies like antivirus software firms.

If you needed outside help regarding computer issues, you will most likely have initiated the contact yourself, whether through your computer-expert neighbour, relative, friend or acquaintance; your workplace’s IT support if your workplace has such a department or your computer supplier.

What these callers tend to do is to lead the user to download and install malware, usually in the form of spyware or fill in forms with email addresses and credit-card details in order to facilitate various forms of fraud against the user. This can be in the form of milking their bank account and credit-card of useable funds, inundating their email inbox with spam email or stealing other information that is confidential to them or their business operations.

So I would encourage all users to be careful of unfamiliar “call-centre” phone calls about computer viruses or similar issues and simply hang up when they receive these calls. As well, they should keep their desktop security programs on their computers up-to-date so as to protect against the various scams.

Other tactics that you may consider would be to threaten the scammers with legal action or question them about whether they can do business legally in your country. A good example would be asking them for their tax-registration details that are required of them if they do business in your country, such as the VAT registration details if you are in Europe or the Australian Business Number if you are in Australia.

Criminal legal action now being taken concerning “scareware”

 Articles

Scareware Indictments Put Cybercriminals on Notice – Microsoft On The Issues

Swede charged in US over ‘scareware’ scheme | The Local (Sweden’s News in English) – Sweden

US-Behörden klagen Scareware-Betrüger an | Der Standard (Austria – German language)

From the horse’s mouth

FBI Press release

My comments

What is scareware

Scareware is a form of malware that presents itself as desktop security software. Typically this software uses a lot of emphasis on “flashing-up” of user-interface dialogs that mimic known desktop security programs, whether as add-on programs or functions that are integral to the operating system. They also put up dialogs requiring you to “register” or “activate” the software in a similar manner to most respected programs. This usually leads you to Web sites that require you to enter your credit-card number to pay for the program.

In reality, they are simply another form of Trojan Horse that is in a similar manner to the easy-to-write “fake login screen” Trojans that computer hackers have created in order to capture an administrator’s high-privilege login credentials. Some of the scareware is even written to take over the computer user’s interactive session, usually with processes that start when the computer starts, so as to “ring-fence” the user from vital system-control utilities like Task Manager, Control Panel or command-line options. In some cases, they also stop any executable files from running unless it is one of a narrow list of approved executable files. They are also known to nobble regular desktop anti-malware programs so that they don’t interfere with their nefarious activities. This behaviour outlined here is from observations that I had made over the last few weeks when I was trying to get a teenager’s computer that was infested with “scareware” back to normal operation.

Who ends up with this scareware on their computer

Typically the kind of user who will end up with such software on their computer would be consumers and small-business operators who are computer-naive or computer-illiterate and are most likely to respond to banner ads hawking “free anti-virus software”. They may not know which free consumer-grade anti-virus programs exist for their computing environment. In a similar context, they may have found their computer is operating below par and they have often heard advice that their computer is infested with viruses.

What you should do to avoid scareware and how should you handle an infestation

The proper steps to take to avoid your computer being infested with scareware is to make sure you are using reputable desktop security software on your computer. If you are strapped for cash, you should consider using AVG, Avast, Avira or Microsoft Security Essentials which have the links in the links column on the right of your screen when reading this article on the site.

If you have a computer that is already infected with this menace, it is a good idea to use another computer, whether on your home network or at your workplace, to download a “process-kill” utility like rkill.com to a USB memory key or CD-R and run this on the infected computer immediately after you log in. It may alos be worth visiting the “Bleeping Computer” resource site for further information regarding removing that particular scareware threat that is affecting your computer. This is because I have had very good experience with this site as a resource when I handled a computer that was infested with scareware.

If you are at a large workplace with a system administrator, ask them to prepare a “rescue CD” with the utilities from the “bleeping-computer” Web site or provide a link or “safe-site” option on your work-home laptop to this site so you can use this computer as a “reference” unit for finding out how to remove scareware from a computer on your home network.

How the criminal law fits in to this equation

The criminal law is now being used to target the “scareware” epidemic through the use of charges centred around fraud or deception. Like other criminal cases involving the online world, the situation will touch on legal situations where the offenders are resident in one or more differing countries and the victims are in the same or different other countries at the time of the offence.

This case could raise questions concerning different standards of proof concerning trans-national criminal offences as well as the point of trial for any such offences. 

Conclusion

Once you know what the “scareware” menace is, you are able to know that criminal-law measures are being used to tackle it and that you can recognise these threats and handle an infestation.

Disclaimer regarding ongoing criminal cases

This article pertains to an ongoing criminal-law action that is likely to go to trial. Nothing in this article is written to infer guilt on the accused parties who are innocent until proven guilty beyond reasonable doubt in a court of law. All comments are based either on previously-published material or my personal observations relevant to the facts commonly known.

Criminal legal action now being taken concerning “scareware”

Articles

Scareware Indictments Put Cybercriminals on Notice – Microsoft On The Issues

Swede charged in US over ‘scareware’ scheme | The Local (Sweden’s News in English) – Sweden

US-Behörden klagen Scareware-Betrüger an | Der Standard (Austria – German language)

From the horse’s mouth

FBI Press release

My comments

What is scareware

Scareware is a form of malware that presents itself as desktop security software. Typically this software uses a lot of emphasis on “flashing-up” of user-interface dialogs that mimic known desktop security programs, whether as add-on programs or functions that are integral to the operating system. They also put up dialogs requiring you to “register” or “activate” the software in a similar manner to most respected programs. This usually leads you to Web sites that require you to enter your credit-card number to pay for the program.

In reality, they are simply another form of Trojan Horse that is in a similar manner to the easy-to-write “fake login screen” Trojans that computer hackers have created in order to capture an administrator’s high-privilege login credentials. Some of the scareware is even written to take over the computer user’s interactive session, usually with processes that start when the computer starts, so as to “ring-fence” the user from vital system-control utilities like Task Manager, Control Panel or command-line options. In some cases, they also stop any executable files from running unless it is one of a narrow list of approved executable files. They are also known to nobble regular desktop anti-malware programs so that they don’t interfere with their nefarious activities. This behaviour outlined here is from observations that I had made over the last few weeks when I was trying to get a teenager’s computer that was infested with “scareware” back to normal operation.

Who ends up with this scareware on their computer

Typically the kind of user who will end up with such software on their computer would be consumers and small-business operators who are computer-naive or computer-illiterate and are most likely to respond to banner ads hawking “free anti-virus software”. They may not know which free consumer-grade anti-virus programs exist for their computing environment. In a similar context, they may have found their computer is operating below par and they have often heard advice that their computer is infested with viruses.

What you should do to avoid scareware and how should you handle an infestation

The proper steps to take to avoid your computer being infested with scareware is to make sure you are using reputable desktop security software on your computer. If you are strapped for cash, you should consider using AVG, Avast, Avira or Microsoft Security Essentials which have the links in the links column on the right of your screen when reading this article on the site.

If you have a computer that is already infected with this menace, it is a good idea to use another computer, whether on your home network or at your workplace, to download a “process-kill” utility like rkill.com to a USB memory key or CD-R and run this on the infected computer immediately after you log in. It may alos be worth visiting the “Bleeping Computer” resource site for further information regarding removing that particular scareware threat that is affecting your computer. This is because I have had very good experience with this site as a resource when I handled a computer that was infested with scareware.

If you are at a large workplace with a system administrator, ask them to prepare a “rescue CD” with the utilities from the “bleeping-computer” Web site or provide a link or “safe-site” option on your work-home laptop to this site so you can use this computer as a “reference” unit for finding out how to remove scareware from a computer on your home network.

How the criminal law fits in to this equation

The criminal law is now being used to target the “scareware” epidemic through the use of charges centred around fraud or deception. Like other criminal cases involving the online world, the situation will touch on legal situations where the offenders are resident in one or more differing countries and the victims are in the same or different other countries at the time of the offence.

This case could raise questions concerning different standards of proof concerning trans-national criminal offences as well as the point of trial for any such offences.

Conclusion

Once you know what the “scareware” menace is, you are able to know that criminal-law measures are being used to tackle it and that you can recognise these threats and handle an infestation.

Disclaimer regarding ongoing criminal cases

This article pertains to an ongoing criminal-law action that is likely to go to trial. Nothing in this article is written to infer guilt on the accused parties who are innocent until proven guilty beyond reasonable doubt in a court of law. All comments are based either on previously-published material or my personal observations relevant to the facts commonly known.