The Scourge of Rogue Security Software

Paul Mah

In a recent guest post, Marc Fossi, who is the Manager for Research and Development at Symantec, warned of the dangers of rogue security software. Rogue security software is the name given to a class of fake security software that masquerades as the real deal. It typically employs fear tactics to persuade users to quickly fork out cash to remove a nonexistent infection.


Especially disturbing, however, is that no protection is actually afforded. On the contrary, rogue security software installs the very malicious code that it promises to eliminate, turning the target computer into a slave that can be remotely controlled by a hacker. An estimated 43 million users have downloaded these fake applications since June 2008, making this a real problem for SMBs. And that is not even considering the $30 to $100 that users get tricked into paying.


The beef here is that such schemes are unlikely to go away any time soon. According to Fossi, who is also the executive editor of the Symantec Internet Security Threat Report, these scams are run like Internet businesses, with payouts to scammers who succeed in bringing in new victims. In fact, top affiliates can earn a staggering $332,000 a month.


It has been noted in the past that SMBs fare poorly when it comes to training their work force in IT-related matters. To help them along, Fossi offered a short list of pointers that SMBs can use to remind users.


I list the tips below, and elaborate on how they help.


  • Type in the URLs rather than clicking directly on e-mail links.

Clicking on a link in an e-mail is an excellent way for spammers to verify the validity of your e-mail address, or to introduce you to a malicious site. As such, caution should be exercised before clicking on any links in e-mail. Of course, staffers should already know how to identify suspicious or questionable URLs, though obfuscation tricks might prevent them from seeing the actual URL. Typing it in manually eliminates this problem. An alternative that I use is to perform a "right-click, copy" of the link and manually paste it into the browser address field. Examine the URL there and proceed to load the page only if it checks out OK.

  • Employees should avoid opening or executing e-mail attachments unless they are expected or come from a trusted source.

The recent Google Hack is a case in point here. Based on information gleaned from the incident, the hackers sent Google employees e-mails that purported to be from their colleagues and contained URLs to malicious sites. While most users know that opening e-mail attachments from strangers is a no-no, this caution might not hold true when receiving correspondence from people they know. As such, similar caution should be exercised when perusing unexpected e-mails from colleagues.

  • Employees should be wary of pop-up windows and banner advertisements.

Pop-up windows and banner ads purporting to find a virus on your systems are a common vector that rogue software scams use to panic users into downloading and paying for their products. Ensure that users are aware of this lest they fall for it.
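
The check described under the first tip (look at the real URL before loading it) can also be run automatically over HTML mail. The Python sketch below is an added example, not code from the original post or from Symantec: it flags links whose visible text names one host while the link goes to another, links that hide the real host behind an "@", and links to a bare IP address. The function names, reason strings and sample message are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, ""
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", ""
    def handle_data(self, data):
        if self._href is not None:
            self._text += data
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, self._text.strip()))
            self._href = None

def host_of(url):
    """Hostname of a URL; also accepts scheme-less text such as "www.site.test/x"."""
    return (urlsplit(url if "//" in url else "//" + url).hostname or "").lower()

def audit_links(html):
    """Map each suspicious href to the reasons it deserves a second look."""
    collector, findings = LinkCollector(), {}
    collector.feed(html)
    for href, text in collector.links:
        host, reasons = host_of(href), []
        # Only compare when the visible text itself looks like a URL.
        looks_like_url = " " not in text and text.lower().startswith(("http://", "https://", "www."))
        if looks_like_url and host_of(text) != host:
            reasons.append(f"text shows {host_of(text)} but link goes to {host}")
        if "@" in urlsplit(href).netloc:
            reasons.append("userinfo before @ hides the real host")
        # All-numeric host (dotted or integer IPv4) or an IPv6 literal.
        if host.replace(".", "").isdigit() or ":" in host:
            reasons.append("numeric IP address as host")
        if reasons:
            findings[href] = reasons
    return findings

# Constructed sample message body (reserved .example/.test names, documentation IP).
SAMPLE = """<p>Your PC is infected! <a href="http://203.0.113.7/scan">Scan now</a></p>
<a href="http://av-update.test/fix">https://www.vendor.example/support</a>
<a href="http://www.vendor.example@av-update.test/">Renew</a>
<a href="https://www.vendor.example/support">https://www.vendor.example/support</a>"""

if __name__ == "__main__":
    print(audit_links(SAMPLE))
```

Only the last link in the sample, whose text and target agree, passes without a finding.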


Do you have other tips relating to rogue software to share here? Feel free to post your comments below.
