Oct 28, 2010 17:44 GMT

McAfee warns that fake antivirus applications, collectively known as scareware, are one of the driving forces behind the cybercriminal economy and have grown to account for nearly a quarter of all malware in circulation.

"Forget ghosts and goblins, what you should really be scared of this Halloween is 'scareware'," the company's researchers warn.

"It’s a trick that cyberscammers have been using to rake in hundreds of millions of dollars each year – and it’s no treat for computer users!" they add.

It's not hard to observe that fake AV applications are pretty much ubiquitous on the threat landscape.

At any given time, there are hundreds of variants, which are being spread through numerous methods.

According to the antivirus giant, out of 150,000 malicious links observed between March 2009 and May 2010, 23 percent led to scareware pages.

These programs have one ultimate goal: to scare people into parting with their money, compromising their credit card details in the process.

They do this by bombarding users with fake alerts about fictitious infections allegedly discovered on their computers.

They then claim that the free or trial version of the application is not capable of cleaning the threats and an upgrade to the commercial version is required.

One method scareware peddlers like to use is black hat search engine optimization (BHSEO), which involves poisoning the search results for popular keywords with malicious links.

Another technique is to pose as an advertising company and trick legit websites into accepting a scareware-pushing ad onto their website. This is called malvertising.

And finally, there are the spam emails that pose as important communications from popular online services or companies.

These emails look just like the real thing, but all links contained within lead to a scareware distribution page.

Security researchers advise users who fell victim to such a scam to immediately call their bank, request a charge-back and cancel their credit card.

They should download an antivirus program from one of the trusted vendors and perform a full system scan. Nowadays, pretty much all AV companies offer fully functional 30-day trial versions of their products.