NoScript: Whitelist your way to a safer web experience
Anonymous vs. Westboro Baptist Church: Nobody's right when everybody's wrong

Will Fake AV turn to legit names in force?

The Security Blog article With Great Name Comes Great Liability discusses how rogueware authors have entered the identity theft business. No, they're not stealing identities of natural persons but the names and logos of  legitimate antivirus programs for their fake products.

Admittedly,  the recent fake version of the popular AVG antivirus raises concerns that this is the beginning of a worrisome trend. I'm not convinced yet. Dozens of new variants of Fake AV and rogueware appeared in 2010 and the incidents of  impersonation among them are not enough yet to indicate a shift in rogeware strategy. Scammers have carefully avoided using names protected by IP & T for some time. I'm thinking they still want to stay off the radar of the online  protection measures that most major brands implement or hire 3rd parties to do so for them.

The Security Blog suggests that users have "become smarter in distinguishing the name of fake and real antivirus programs". I'd love to believe that this is true, but I'm inclined to believe that there are simply too many security terms scammers can mix and match to create seemingly legit names or approximations of legit names. The names become a blur, vendors re-brand their own products and the distinctions are lost over time. Moreover, distinguishing among names is a thoughtful activity. Fake AV programs are often designed to take users by surprise or cause panic,  appeal to a user's attraction to free stuff... basically any means to make a user act before or without thinking. Are users really pausing to distinguish AVG from AGV in these situations? Enough for rogueware scammers to increase the risk of early detection by online brand protection agents?

Irrespective of whether impersonation of legt AV is growing or not, follow the advice offered in The Security Blog article. If you have any doubt whatsoever, don't download brand AV from third parties; instead, go directly to the AV vendor for  free or fee versions of antivirus software.


Feed You can follow this conversation by subscribing to the comment feed for this post.

The comments to this entry are closed.