Tuesday, August 5, 2008
[This article is reprinted from the May 2007 issue of Triona's Tech Tips. Software scams remain a nasty plague on consumers. Be wary of any programs that offers themselves to you via a popup window or flashy Web ad.]
I hate seeing my users scammed. And there are some nasty scams out there, including this tricky one involving the online upgrade of software.
Here's what happens. The user receives a legitimate renewal reminder from his Windows antivirus software. He searches the web for the upgrade, and that's where the scam begins. He clicks on what he thinks is the correct link, and is directed to a website that looks like the right place. He selects his upgrade, puts in his credit card number, and installs the provided program. He is left with a new icon that seems to be doing all the things antivirus software should do. Except it's not antivirus software at all, and that card number just got swiped.
The culprit is "Win AntiVirus," also known as the SmitFraud trojan. This pest mimics the styling of Norton AntiVirus, and it's slick enough to fool almost anyone. The first time I encountered it, I had to do some careful checking to determine it didn't belong.
Since it's not a real antivirus program, "Win AntiVirus" leaves you vulnerable to real viruses. Usually when I find it, it's because I've been called in to fix something seemingly unrelated, like being unable to print. That's just a symptom of the real issue, which is that your computer is now minus its protections and susceptible to whatever comes along. The way search engines like Google work only adds to the problem. The scammers purchase advertising keywords so that when you do a search, their scam link comes up near the top of the list.
Upgrading your antivirus software is an important thing to do, but keep an eye out for tricks like this. When in doubt, type web addresses manually instead of clicking on a link. If you're a Norton user, the place to go is Symantec. McAfee, Trend Micro, and the free AVG and ClamWin programs are all legitimate products as well. The links here on Triona's Tech Tips (see below right, under "Windows Help") will point you to the real deal.
Antivirus is not the only software spoofed. Spyware, the collective term for software you don't want, often has the hubris to masquerade as anti-spyware software. Those free "PC cleaners" you see advertised in spam emails are just trying to get you to install their junk so they can zombie your computer like we discussed a few months ago. I have actually seen such scams advertised on television, no less! Avoid using software that is advertised via spam or pop-ups, and be sure you know whose product you are using. Of course, purchasing from a store is a workaround against online scams.
If you've been victimized, it's time to pull out the big guns to protect your identity: FTC's Identity Theft website. In Illinois, the Attorney General has also set up an Identity Theft hotline at 1-866-999-5630. I don't know what happens to the credit card that was entered, but it can't be good. You also need to clean off your machine, and sadly in the case of "Win AntiVirus," usually the best choice is to reinstall from scratch. Otherwise you'll never know if it's really gone.
We talked before about how to create stronger passwords using my handy tipsheet (PDF). If you haven't had a chance, give it a try. Remembering passwords is much easier than trying to recover a stolen identity!
Posted byTriona Guidry at 9:30 AM