h1

Combatting Scareware

November 20, 2009

TrustCC helps banks and credit unions navigate many kinds of IT threats. One of the most interesting threat vectors in recent years is “Scareware,” a pop-up window that displays a warning stating a victim machine is infected with some sort of virus or spyware, even though it is not.

Such programs are extremely widespread and are increasingly used by cybercriminals. A leading anti-virus vendor, Kaspersky Labs, detected about 3,000 rogue antivirus programs (Scareware) in the first half of 2008 and more than 20,000 programs in the first half of 2009!

Scareware usually surfaces when surfing the Internet. Cybercriminals use hoax messages or malicious advertisements to trick users into giving permission to install these programs.

Scareware Example MessageSample Scareware message

Time and again users attribute a message like this to legitimate security software and approve the install. As a matter of fact, the cybercriminal typically code both the “Yes” and “No” buttons to install the program. To close the window without installing the rogue software, users need to click the “x” in the upper right hand corner or press <alt> <f4>.

We recommend banks and credit unions become familiar with Scareware tactics and implement comprehensive training so staff will not fall victim to these tactics. Kaspersky Labs has a detailed article on the topic that is worth the time for the read.

We are happy to answer any questions you may have about Scareware and other IT threats. Submit a comment if you need additional information or help with your strategy.

– TrustCC

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: