Stopping Fake Antivirus

How to keep scareware off your network

Fake antivirus is one of the most frequently-encountered and persistent threats on the web. This malware, with over half a million variants, uses social engineering to lure users onto infected websites with a technique called blackhat Search Engine Optimization.

Once the fake antivirus is downloaded onto the user's computer, the software attempts to scare them into believing their system is infected with threats that do not really exist, and then push users to purchase services to clean up the non-existent threats. The fake antivirus will continue to send these annoying and intrusive alerts until a payment is made.

What's at risk?

The great threat of fake antivirus is the risk to victims' personally identifiable information, which is extracted and exploited by the affiliate networks that publish this malware.

This paper provides insight into where fake antivirus comes from and how it is distributed, what happens when a system is infected with fake antivirus, and how to stop this persistent threat from infecting your network and your users.

Learn about blackhat SEO from our experts

Please enable flash and javascript for the player to work

00:52:00 - 13 Apr 2010

Download the podcast

Blackhat SEO

Chester Wisniewski interviews Onur Komili of Sophos Canada on blackhat SEO and his new technical paper ''Poisoned search results - How hackers have automated search engine poisoning attacks to distribute malware.''

Read more on our blogs

download Download our free Virus Removal Tool
Find what your antivirus missed