Google Study Reveals Fake Antivirus Is Growing Threat
A year-long study at Google has revealed that scammers are relying less on weaknesses in software code and more on users' tendency to download fake antivirus software in order to infect computers.
Google released the results of a 13-month study, carried out between January 2009 and Febraury 2010, detailing how scareware , or malware designed to prey on users' fear of viruses, has become increasingly prevalent.
According to Google, a full 15 percent of all malware involves some form of fake antivirus program that encourages users to pay for fake protection software or a bogus virus scan. Niels Provos, a principal software engineer at Google, said that fake antivirus software has seen a five-fold increase since Google first started its analysis.
"Our analysis of 240 million web pages over the 13 months of our study uncovered over 11,000 domains involved in Fake [antivirus] distribution — or, roughly 15% of the malware domains we detected on the web during that period," Provos said on Google's security blog.
Google calls these "social engineering attacks" because the scammers are exploiting consumers' fears and misunderstanding to induce them to willingly download malware, instead of using software vulnerabilities to sneak malware in without the consumer's knowledge.
Researchers found that Google's Safe Browsing technology for Chrome and Firefox had helped identify threats better, resulting in shorter and shorter periods of time when malware domains were active before scammers were forced to move on.
Still the threat is still very real, and the scammers are becoming more sophisticated at making fake antivirus software look legitimate.
"More recent fake AV sites have evolved to use complex JavaScript to mimic the look and feel of the Windows user interface," Google's report said. "In some cases, the fake [antivirus] detects even the operating system version running on the target machine and adjusts its interface to match."
Provos advises users to completely close the browser and restart the program whenever encountering a fake antivirus pop-up or message.
Users should also keep a close eye on their credit card accounts and use up-to-date antivirus software from trusted sources in order to prevent malware attacks.
