Wednesday, March 17, 2010

The Rise of Free -- and Fake -- Antivirus Software

The Rise of Free -- and Fake -- Antivirus Software

With the tremendous growth in malware. identity theft, and on-line scams, you'd think that every PC owner in the world would make Internet security software a "must have" before connecting to the Internet. Unfortunately, this assumption is dead wrong. Believe it or not, lots of industry research indicates two huge misconceptions still exist:

1. Many users believe that all of the public media about Internet security must mean that things are improving (Author's note: Yes, this seems crazy but this perception is wide spread amongst computer novices).

2. Many users also believe that if they avoid problem sites like pornography and on-line gaming, they will remain safe (Author's note: Also untrue).

Folks like these need a cybersecurity wake-up call ASAP. They also need simple security tools that they can access and install without the need for technical help.

Fortunately there is a bit of good news. Free antivirus software seems to be gaining a foothold, especially in emerging markets around the world. AVG is a freeware leader but others packages like Immunet and PC Tools are also gaining appeal. Finally, Microsoft Security Essentials is now running on about 12 million PCs throughout the world. Microsoft deserves credit here for providing a free security offering strong protection and ease-of-use functionality.

These reputable free AV packages may help bridge the security gap by protecting previously unprotected machines. Unfortunately, the bad guys are outperforming their more altruistic counterparts. Back in late 2008, PandaLabs estimated that 30 million users had fallen victim to fake AV scams and my guess is that the number is up to over 50 million by now. Last year's Conficker worm was purpose-built to push this scam even further.

The bad guys know a good con when they see one. Many of the fake AV programs are "packaged" (i.e. fake ads show fake packaging) to look like McAfee, Symantec/Norton, Trend Micro and others. The names even sound like real Internet Security or mainstream software. Fake names include Vista AV, Security Essentials 2010, Antivirus 360, etc.

Ultimately, fake AV kicks unsuspecting users in the teeth. Instead of buying protection, they are actually buying malware that gets installed on their systems, turns them into zombies, or steals personal information.

To those of us in the IT and cybersecurity industries, these scams are relatively easy to spot but your parents, grand parents, friends, or kids who aren't as tech savvy need to be warned. Let these folks know about the good free offerings from AVG, Immunet, Microsoft, and PC Tools and warn them about the scams.

We need more public education about cybersecurity risks and threats but in lieu of this, lets get viral and spread the word.

No comments: