Scareware

john · Oct 19, 2009, 13:51:30

I'm sure nobody here would fall for it but here's a warning on scareware anyway.

Captain K · Oct 19, 2009, 14:15:35

I spent a good couple of hours yesterday cleaning one of these things (Total Security) from my Dad's PC. Fortunately, Malwarebytes was more than up to the job. The tricky bit was actually stopping the Total Security process running so that MWB could remove it - it had disabled Task Manager!

Once Total Security was gone, MWB found 13 other viruses in the system, presumably let/invited in by the Total Security software!

davej99 · Oct 19, 2009, 14:38:25

Quote from: john on Oct 19, 2009, 13:51:30
I'm sure nobody here would fall for it but here's a warning on scareware anyway.

Thanks for that, John, it is easy to be taken in.
Scams of every kind are on the increase,
especially as security packages are improving.
Less experienced users are easy pray.
We are the weakest link.

Glenn · Oct 19, 2009, 16:59:51

I clear Anti virus 2009/10 off at least 2 or 3 laptops a week at work, Malwarebytes normally fixes the problem straight away.

quandam · Oct 19, 2009, 19:10:18

I have no doubt that the warning is a good one and should definitely be taken on board. However, is it not funny that Symantec are the ones who are drawing it to our attention? Being suspicious that an anti virus product company is making a big deal out of this makes me wary of the information offered.

I would like a lot more information from 'non interested' parties before I panic into changing my internet habits. It could well be right information but a wider view should be taken before panic sets in. I may have been lucky but I have not been presented with one of these pop ups. I do think that that there is a lot of questionable 'scareware' being promoted for devious ends.

Technical Ben · Oct 19, 2009, 20:14:01

This is no different to any other scam advert on the net. DON'T TRUST THOSE BANNERS OR POPUPS! Plain and simple. They are all bad. Even the recommended sofware should only be downloaded/purchased from the original site. I am sure you can find a few dodgy copies of Symantec Virus scanner demos on some not so legit download sites.

Gary · Oct 19, 2009, 23:22:13

I have come across thopse pop ups a few times, the thing is the less than switched on will download them, the pop up is actually a full size browser page you cannot shutdown, I just shut firefox down with task manager, and run CCleaner, if it gets on board Prevx will deal with it as soon as it launches or a mbam scan if that failed. A lot of money is lost by people bying for these things they look real they say you are infected, my mother would download one she has no knowledge that would tell her otherwise, also ransomware is getting more popular and thats well nasty, it does not matter how patched you are or what browser you use, a bad link can snare you. Symantec as any company are hoping people will use their products but the dangers are out there and to think you won't bump into one is naive I think.

somanyholes · Oct 20, 2009, 09:21:55

This stuff's been around to my knowledge since at least 2005. Would hardly call in newsworthy. Bbc jumping on the bandwagon as per usual. As as per usual the security companies are loving it.

Gary · Oct 20, 2009, 09:43:32

Quote from: somanyholes on Oct 20, 2009, 09:21:55
This stuff's been around to my knowledge since at least 2005. Would hardly call in newsworthy. Bbc jumping on the bandwagon as per usual. As as per usual the security companies are loving it.

I think the increase in it rather than attacks on the OS itself are whats been noticed So, with Vista and now Windows 7, the OS became a lot harder to attach so scareware has increased as a form of money making. As for the security compamies you are dead on, saying that Eugene Kaspersky wants us all to have passports to go online, like a driving test, some were outraged but maybe it would indeed be safer to know how to use the pc first before just going online blindly.

somanyholes · Oct 20, 2009, 09:54:11

scareware is a brilliant concept really. People pay for software to get clean systems and then get even more infected while paying for the privilige, then go and tell their friends about this brilliant piece of software that found all sorts of nasty software on their machine. You have to chuckle at the irony of it all.

Gary · Oct 20, 2009, 09:56:57

Quote from: somanyholes on Oct 20, 2009, 09:54:11
scareware is a brilliant concept really. People pay for software to get clean systems and then get even more infected while paying for the privilige, then go and tell their friends about this brilliant piece of software that found all sorts of nasty software on their machine. You have to chuckle at the irony of it all.

Thats true, I mean Symantec even take your cash each year from a credit card automatically

somanyholes · Oct 20, 2009, 09:59:33

QuoteThats true, I mean Symantec even take your cash each year from a credit card automatically

I didn't know that, but it doesn't surprise me at all. The security vendors seem to be doing pretty well at the moment, in the soho environment at least, not so well in the enterprise though.

Gary · Oct 20, 2009, 10:07:13

Quote from: somanyholes on Oct 20, 2009, 09:59:33
I didn't know that, but it doesn't surprise me at all. The security vendors seem to be doing pretty well at the moment, in the soho environment at least, not so well in the enterprise though.

Thats true, but they are all failing to counter the threats, Kaspersky has an abomination of a suite out this year its slow bulky and does odd things to your pc if you watch carefully, it scored less well than last years product but has twice the bells and whistles, but has the same engine, which probably is the issue. There are simpler ways to secure your PC, yes you may have a few more FP's but if you know what's going on that's ok and you don't have to have the mother of all AV's on your pc. Threatfire works well, so does Prevx and Sandboxie you could use any combination of these or Geswall or shadow defender there are loads, and you do not have to worry about an AV at all and your pc would work as intended. Less is more sometimes, and some of the Cloud based systems now work brilliantly without you having to have a single signature based AV on your PC

somanyholes · Oct 20, 2009, 10:22:19

G data seems to be picking up pace at the moment. It uses the approach that mail servers have been using for years. It uses multiple engines, might be of interest to you, if you haven't got your mac yet that is

I'd only use it for AV not the rest

It seems to use, avast, bitdefender and kaspersky. It does cost £ but is very reasonable.

http://www.gdatasoftware.co.uk/partners/technologies.html

Personally i'm a fan of whitelisting in the workplace.

Gary · Oct 20, 2009, 10:32:37

Quote from: somanyholes on Oct 20, 2009, 10:22:19
G data seems to be picking up pace at the moment. It uses the approach that mail servers have been using for years. It uses multiple engines, might be of interest to you, if you haven't got your mac yet that is I'd only use it for AV not the rest

It seems to use, avast, bitdefender and kaspersky. It does cost £ but is very reasonable.

http://www.gdatasoftware.co.uk/partners/technologies.html

Personally i'm a fan of whitelisting in the workplace.

Waiting for December to see what the new Macs are, So. I dont want to buy old outgoing stock. I just use Nod32 v4 and Prevx 3 (paid for version) and Sandboxie that combination works very well with just windows firewall and Mbam for occasional scans behind my router.