Fake Malware Infection
Have you seen a strange security warning on your PC? Did a notification window suddenly appear, informing you that your computer is under attack by some IP address? Is there an unexpected balloon message that appeared from a new and unknown tray icon, giving you warnings on the status of your PC security? Do you see the persistent scanner that says the PC is infected with severe, high or medium risks? If you are seeing all or any of these, you must have seen also a dialogue box that says "activate your antivirus software now" or "register to remove detected threats".
These fake virus and malware scans by rogue software is not a good thing. The security risks presented by the rogue programs do not exist in your computer but it does not mean the PC is clean. The computer is actually infected but not by the threats that the rogue software has detected. It is infected with rogue software itself. These fake AV programs are a widespread nuisance online.
The Threats in Disguise by Fake but Free Antispyware Scan
The threats presented to users by the rogue antispyware or antivirus scanner were created to scare internet users. Below are some of the free anti spyware programs with threats in disguise:
AntiVir Solution Pro – the program exploits the name of genuine AntiVir antivirus program from Avira. Fake threats in listed in the scan result, a balloon message, tray icon, and the fake antivirus scanner appears in Windows.
AntiVir Solution Pro also displays a notification window and spyware alert message in a form of a dialogue box but you will notice in the task manager that AntiVir Solution Pros’ process name is suspicious enough to know that the PC is infected with rogue program:
Fake Protection Center Removes Malwarebytes Anti-Malware
One of the rogue programs that I came across has "Protection Center" as software title. The scareware can detect the legitimate Malwarebytes Anti-Malware in the computer and provides warning that it is conflicting with Protection Center:
The rogue program will offer to uninstall Malwarebytes and if the inexperienced user clicks the "OK" button and it will proceed to add its tray icon during the install.
Free Security Suite and Smart Security
Another free anti spyware program providing threats in disguise is the Security Suite rogue program. The scanner displays critical threats it claims were found in Windows with matching fake warning messages in a balloon message:
Do you think the below rogue program is smart for exploiting the name of legitimate ESET Smart Security? The program name is Smart Security but it found no threats after running the free scan:
Free Scan by Rogue Programs is Dangerous
Scareware or rogue and fake antivirus programs are dangerous because they not only infect the computer and cause performance issues, but also provide privacy risks to victims who provided their credit card information, name and e-mail address to the scammers in order to register the program.
If you are victim of the scammers that distributes rogue programs like fake AV scanners, immediately contact the credit card issuer by canceling the transaction for the said order of rogue program. You also need to request to the bank to replace your credit card.
You can prevent becoming a victim of scareware programs and scammers by not clicking on ads or opening strange email attachments which will install Trojans and provide fake alerts by the rogue scanner. Do not buy or register any software from untrusted sources and do not reveal your credit card and other valuable information to unknown people, websites or services, especially in websites of the fake antispyware programs. Anything security software that tries to force you into paying for something is most likely a scam.
It’s recommended to have an extra layer of protection using trusted antivirus programs, a firewall that monitors outbound traffic, a host file such as MVPS or hpHOSTS, a browser security add-on such as Web of Trust or SiteAdvisor and by installing the updates for Windows and other applications.
Image Credit: Screenshot taken by the author.