Scareware
Introduction
Scareware is software that deceives online computer users. Scareware is also referred to as rogue scanner software or fraudware, and its main purpose is to frighten computer users into purchasing and installing the Scareware (Kim et al., 2012.p. 391-403). The Scareware will normally deceive the computer user into double-clicking and installing software.
The Scareware displays a frightening screen on the user’s computer being attacked by a virus, and then the Scareware will then claim to provide the antivirus solution to those virus attacks. Several online computer users have fallen victims of Scareware that has become a multimillion-dollar business. Additionally, Scareware takes advantage of online users fear and lack of adequate technical knowledge to demand payment of at least $19.95 for providing antivirus for fixing the virus it has displayed on the computer screens (Kim et al, 2012.p. 391-403)
. The virus is normally fictional, and the software is non-functional or it is a malware in itself. Between the July and December of 2008, the Ant-Phishing Working Group reported that the number of Scareware in circulation had increased to 9287 from 2850. Scareware scammers use fake versions of virus alerts and other types of system problem messages to display on the screen that will deceive over 80% of the online computer users who sees them.
The various examples of Scareware include Spy Sheriff, Total Secure 2009, XP Antivirus 2009, Adware Punisher, System Software commonly known as Microsoft Blue Screen of Death (Giles, 2010). This essay will examine Scareware in terms of background history, developments, and current issues relating to Scareware.
Background History
The nightmare is a Scareware that was developed in 1990 by Patrick Evans, who distributes the Scareware and remain with the source code. It is the first type of Scareware program that was distributed on Fish Disks for the Amiga computer. The nightmare attacks the computer by displaying an image of a skull with blood on its teeth and blood oozing from a hole in the skull after every five minutes (Hillick, 2010).
Extortion ware is designed to blackmail computer user that their PC are infected with viruses, or his/her hard drive is failing and the results could be loss of data. The Extortionware scares the user into registering the software and requires the PC user to part ways with some cash for antivirus software. This type of software uses blackmail to coerce the user to pay for the registration.
The Extortionware uses social engineering to frighten the PC user or create a perception of threat to PC users (Corrons, 2010). The first waves of Extortionware were fake antivirus programs followed by the fake operating tuning utilities such as registry cleaners. The fake recovery programs commonly referred to as Data Recovery Trojan came into existence in 2012.
The fake antivirus convinces the users that a virus has attacked their computers and suggests fake antivirus software to remove the virus that they have to pay for the antivirus. The anti-phishing working group reported that the Extortion ware packages increased in circulation to 9287 from 2850 in the second half of the year 2008.
The Extortionware is designed in a way that it imitates the genuine security software to blackmail customers in registering the software. It displays a pop-up advertisement window with a text message such as, “Your PC might be infected with harmful spyware programs. Immediate removal is required. To scan click ‘Yes’ below” (Hillick, 2010). These pop-ups are designed in a way they look as if they are coming from the user’s operating system when in the real sense they are a web page. Such advertisements are usually considered Extortionware that belong to the class of malware or the rogue software.
Later Development
Google conducted a study in 2010 and found out that 11,000 domains were hosting fake antivirus software, this accounted for fifty percent of all malware delivered through advertisement on the internet. Extortionate spread the Liza Moon SQL injection that attacked and infected over 1.5 billion websites at the start of 29 March 2011.
The research conducted by Google further discovered that Extortionware used its serves for checking for internet connectivity resulting into over one million computers being infected with Extortionware. Google intervened by placing a warning in the search results of users whose computers appeared to be infected (Corrons, 2010).
Spy Sheriff is designed to scare users in installing the rogue software changing the computers background by installing icons in the computer’s notification area under the Microsoft Windows.
Spy Sheriff claims that a certain kind of software has infected the computer and purports to remove the spyware, but it are a piece of spyware itself (Kshetri, 2013.p.45). Smart Fortress also scares computer users by making them think several viruses have infected their computers and request them to purchase the professional service. Extortionware also tricks it computer users such as uninstalling legitimate antivirus software such as Microsoft Security Essentials and advising them to disable their firewall.
The Issues As They Stand Presently
The Federal Bureau of Investigation (FBI) of United States of America issued a public alert on 16 December 2009 concerning Scareware. The rogue software commonly known as Scareware is increasingly causing security challenges for internet users. The FBI issued a warning to computer users should be aware of pop-ups that report security problems on their computers that they were fake, and online users should ignore such pop-ups (Oriyano et al., 2013).
FBI decided to file federal indictments against an Ohio man, James Reno, and two foreign residents namely Shaileshkumar P. Jain and Bjorn Daniel Sundin in a move to combat the Scareware malware frauds (Oriyano et al, 2013). Microsoft supported this indictment because the Scareware was designed in a way the programs were products of Microsoft Company. Once the Scareware software is installed in the computer, it generates fake alerts messages of malware infections. The user is then directed to purchase similar malware software for repair of the problem that fails to fix the problem.
The bogus Scareware such as Driver Cleaner and Error Safe are sold to computer users for prices that range from $30 to $70 leading to Scareware owners earning many millions from the business. According to FBI statements released in 2010, the owners of the Scareware who operated in Ukraine caused internet users in over 60 countries to purchase over one million fake software products causing the innocent victims losing more than $100 million (Kshetri, 2013.p. 39-65). The examples of Scareware fake software include Malware Alarm, Antivirus 2008, and the Virus Remover.
Win Fixer is a product of Scareware that was used to mislead online computer users by associating the fake product with Microsoft products. This made the Microsoft Company to assist the FBI and the USA Department of Justice to determine the damages caused by the fake software and explained to them how the fake software worked.
Later on, the Department of Justice, the FBI, and Microsoft stated that they were working together to protect consumers by making the internet a safe place (Kshetri, 2013.p. 39-65). The Scareware has also affected the social network site; the bogus software has infected Facebook. The US Federal Trade Commission decided to compensate 320 000 known Scareware victims after coming into agreement with the producer and distributor of the fake security software that made the Win fixer, Drive Cleaner and the XP Antivirus (CBS Interactive ,2015).
Conclusion
Scareware software deceives the computer user into double-clicking and installing software thinking that the software will remove the virus that attacked their computer. Several online users have fallen victims of the fake software and lost over US $100 million from the purchase of fake software in the process. Several technology firms have also been affected by the Scareware software such as Microsoft and the social network especially Facebook was hit by the fake software.
The intervention of The Federal Bureau of Investigation (FBI) of United States of America and the USA Department of Justice helped combat the selling of dubious software to online computer users. The possible solutions to combating the fake software on the internet are by online users to use only legitimate trusted antivirus product.
Secondly, by making a habit of reading only emails in the plain text and try to avoid HTML emails. An online computer user should never open file attachments from strangers or anyone offering software services because such emails are always a fraud and should be deleted before they infect your computer with viruses.
Reference
CBS Interactive. (2015). FTC issues refund to the Scareware victims
Giles, J. (2010). Scareware: the inside story. New Scientist, 205(2753), 38-41.
Corrons, L. (2010). The business of rogueware. Web Application Security, 72, 7-7.
Hillick, M. (2010). Scareware Traversing the World via a Web App Exploit.
Kshetri, N. (2013). Cybercrimes in the Former Soviet Union and Central and Eastern Europe: current status and key drivers. Crime, law and social change, 60(1), 39-65
http://libres.uncg.edu/ir/uncg/f/N_Kshetri_Cybercrimes_2013.pdf
Oriyano, S. P., & Gregg, P. M. (2013). Hacker Techniques, tools, and incident handling. Jones & Bartlett Publishers
http://www.amazon.com/Techniques-Incident-Handling-Information-Assurance/dp/0763791830
Kim, T. H. J., Gupta, P., Han, J., Owusu, E., Hong, J., Perrig, A., & Gao, D. (2012, October). OTO: online trust oracle for user-centric trust establishment. In Proceedings of the 2012 ACM conference on Computer and communications security (pp. 391-403). ACM.