They're the scourge of the Internet right now and the U.S. Federal Bureau of Investigation says they've also raked in more than US$150 million for scammers. Security experts call them rogue antivirus programs.
The FBI's Internet Crime Complaint Center issued a warning over this fake antivirus software Friday, saying that Web surfers should be wary of sudden pop-up windows that report security problems on their computers.
This software can appear almost anywhere on the Web. Typically, the scam starts with an aggressive pop-up advertisement that looks like some sort of virus scan. Often it's nearly impossible to get rid of the pop-up windows. Of course, the scan turns up problems, and the pop-up windows say the only way to get rid of them is to pull out a credit card and pay.
This is always a bad idea. At best, the software is subpar. At worst, it "could result in viruses, Trojans and/or keyloggers being installed on the user's computer," the IC3 said in its warning. The IC3 is run in partnership with the National White Collar Crime Center.
"The assertive tactics of the scareware [have] caused significant losses to users," the IC3 said. "The FBI is aware of an estimated loss to victims in excess of $150 million."
Scareware peddlers have pushed their ads on legitimate ad networks. The New York Times was tricked into running rogue antivirus ads in September by a scammer pretending to work for Vonage. Sometimes, the scammers simply hack into Web sites and use attack code to put their software on the victim's computer.
Last month, webcams sold by Office Depot contained links to a hacked Web site that tried to download rogue antivirus.
The IC3 says that users who see these unexpected antivirus pop-up warnings should shut down their browsers or their computers immediately and then run an antivirus scan to see what's going on.
Victims who have been hit with rogue AV can file an IC3 complaint here.