Whatever you do, don't panic!

Nov 2, 2007 17:21 GMT

Microsoft's Windows operating system is by no means a product inherently associated with the concepts of user protection or security. The best argument for this is the expanding multi-billion security industry that is fueled by Microsoft's failure to lock down Windows. And even with the Redmond company's increasing focus on security in its latest lineup of products, including Windows Vista and Windows Server 2008, both the security industry and the threat environment have sufficient momentum to continue using Windows as fertile soil for profit.

And as far as the threat environment is concerned, the sheer variety of techniques deployed to infect and compromise the Windows client with malicious code means that the extent to which Microsoft perfects the code of the operating system is simply an irrelevant variable.

In this sense, social engineering is an illustrative example. Social engineering relies on abusing the end user and not the software. And since it is not a bug or a security vulnerability, it cannot be patched or mitigated. And education barely helps. One form of social engineering is misleading security products that trick victims into thinking that their operating system is infected with malware or in need of some obscure form of optimization.

"They can appear in several ways, such as in downloaders or simply via browser advertisements: 'Your computer is in danger!', 'Get a better PC', or 'Protect your pc from hackers!' are just a small example of the messages a user could be exposed to. Once the user is tricked into executing an installer, free scanner, or whatever (which can happen with or without the user's consent, by the way) then the show really begins! Any visual means of communication is used to warn the user of the terrible menace pending," revealed Andrea Lelli, Symantec Security Response Engineer.

According to Symantec, panic is the best friend of misleading applications. A panicked user will blindly follow the instructions presented even if they involve downloading and installing additional malware masquerading as legitimate applications or coughing up money to get rid of the problems.

"Any interaction with these warnings will set off a trigger and some application will be downloaded and installed. The purpose of these applications is to scare the user through convincing messages that his or her machine is in great danger in terms of security, or that the PC has a multitude of errors that are forcing the PC to run slower, etc. Then, they report their findings: lots and lots of critical risks, there may be spyware present, malware, errors, and/or privacy violations. In reality, many of the reported items do not even exist, are not critical, nor are they dangerous at all, but the important thing here is to look scary," Lelli added.
