Not exactly new..

.. but some seem to think that it is. I have copied text from a BBC News item because the links to this kind of stuff disappear over time, and I want to ensure that this doesn’t.

Google warning on fake anti-virus software

Fake anti virus is often distributed through adverts

Fake anti-virus software that infect PCs with malicious code are a growing threat, according to a study by Google. Its analysis of 240m web pages over 13 months showed that fake anti-virus programs accounted for 15% of all malicious software. Scammers trick people into downloading programs by convincing them that their PC is infected with a virus.

Once installed, the software may steal data or force people to make a payment to register the fake product. "Surprisingly, many users fall victim to these attacks and pay to register the fake [anti-virus software]," the study said. "To add insult to injury, Fake anti-viruses often are bundled with other malware, which remains on a victim’s computer regardless of whether a payment is made."

‘Be suspicious’

The study, which was presented at the Usenix Workshop on Large-Scale Exploits and Emergent Threats in California, analysed websites between January 2009 and February 2010. It discovered more than 11,000 web domains involved in its distribution of fake anti-virus. More than half of the fake software was delivered via adverts, Google said.

Graham Cluley of security firm Sophos, who was not involved in the study, said that one of the key ways that hackers spread fake anti-virus was so-called black hat search engine optimisation techniques. "The hackers track trending news stories – such as the death of Michael Jackson," he said. "They then create websites stuffed with content, which in many cases can appear on the first page of search results."

Anyone clicking on the link, he said, would be confronted with a pop-up with a link to fake anti-virus software. Google uses tools to filter out booby-trapped websites, but the firm said that hackers were managing to avoid detection by moving between domains quickly. Mr Cluley said that people should be familiar with their own anti-virus software and should "always be suspicious" if they were confronted with a pop-up telling them you need to download something extra or spend money to clean up a computer. "If you already have anti-virus installed you shouldn’t need to do that," he said.

So there you have it..

Points to take away from the above..

  1. You should know what anti-virus program is installed on your machine, and ignore warnings from anything purporting to be your installed anti-virus program.
  2. No authentic anti-virus program can scan as fast as the bogus types seem to do. It is just not possible
  3. The reason that the bogus anti-virus programs appear to scan so fast is that they already know which files to warn against as it is the bogus anti-virus program has created them.


Use common sense. An authentic retail anti-virus program will only ask for money if it is at the end of its subscription period. Free ones like Microsoft Security Essentials will NEVER ask for money unless Microsoft or whoever decide to charge for it.

Leave a Reply

Your email address will not be published. Required fields are marked *