14 DAY TRIAL // The Federal Bureau of Investigation has issued a scareware alert through the Internet Crime Complaint Center (IC3). The advisory describes the aggressive tactics used in these scams and estimates that they caused losses of over $150 million to victims.
Scareware, also known as rogueware, is a term used to refer to fake antivirus products that trick users into paying for license fees by bombarding them with false security alerts. This sort of schemes are so profitable that cybercrooks have built an entire underground economy based on it.
Some cybercriminal gangs offer scareware deployment services through their own malware infrastructure, while others get paid big bucks to launch blackhat search engine optimization (BHSEO) campaigns in order to poison search engine results for popular terms. Scareware is so prevalent these days that there is no single attack vector to watch for.
If your computer gets infected with a trojan, there are strong chances that scareware will also be installed on your computer. If you search for news about a recent event on Google, chances are you'll end up on a rogue site pushing scareware. Even if you only visit legit and trusted websites, you can still end up encountering a malicious advertisement (malvertizement) that promotes scareware.
The IC3 alert refers mostly to one particular scareware distribution channel – the web. "An ongoing threat exists for computer users who, while browsing the Internet, began receiving pop-up security warnings that state their computers are infected with numerous viruses," it reads.
These pop-ups are quite aggressive and most of the times, the only escape for the user, even if they realize the danger, is to kill the browser process and restart with a new session. It might not even matter if the user clicks on such a pop-up or not, as attackers can use exploit kits embedded into Web pages to perform silent and unauthorized installations known as drive-by downloads.
The IC3, which is a partnership among the Federal Bureau of Investigation (FBI), the National White Collar Crime Center (NW3C), and the Bureau of Justice Assistance (BJA), recommends surfing the Web with a reliable and up-to-date antivirus program installed. "If a user receives these anti-virus pop-ups, it is recommended to close the browser or shut the system down. It is suggested that the user run a full, anti-virus scan whenever the computer is turned back on," it advises.
The FBI estimates an over $150 million loss to victims, but the real figure is likely to be much larger and these gangs are starting to adopt an even more aggressive model known as ransomware. Applications that fall into this category do exactly what the name suggests – hold computers for ransom. They disable critical functionality of the operating system, then claim that malware is responsible and that they are able to fix it; if users agree to pay for a license fee, of course.
We've covered the subject of scareware many times before, and so did other websites and blogs. However, seeing the FBI issue a warning about the threat is much welcome, as it helps raise awareness even more. After all, not everyone has a taste for security news.