Freaking out ScamWare scum

Apparently, the practice of manipulating people with fear into doing things that are not in their best interests is not illegal, but the people who perpetrate this stuff are lower forms of life. Check out this video and score one for the human race.


Here are the top five pieces of scamware, according to Jack Wallen at TechRepublic:

1: Windows Microsoft Guardian

This lovely piece of software will seem right at home on your users’ PCs. At first it promises it will take care of them, soothe what ails them, make them coffee. In the end, the fake scanning and false positives will result in absolutely nothing — other than the loss of their hard-earned cash. You won’t find a site for this piece of software. It usually is encountered when users hop around from site to site until a popup appears that seems to be scanning the PC for infections. And then it seems to magically find an infection, informing users that they should purchase and install the software. Next thing you know, they’re whipping out their credit cards and buying a piece of software that does absolutely nothing but rob them of some cash – or maybe worse (their credit card number).

2: Fast Antivirus 2011

This one is similar to Windows Microsoft Guardian, only it’s a bit uglier and doesn’t just want to steal the user’s cash. In this instance, Fast Antivirus 2011 tricks the user into installing the software and then it gets malicious. FA2011 starts out as scamware and quickly evolves into a full-blown piece of malware that will cause the end user no end of trouble. Fortunately, it can be removed by any number of anti-spyware tools, such as MalwareBytes. Just make sure a MalwareBytes scan is run as soon as this popup is seen — regardless of whether the user has installed anything. I have actually seen a PC infected with this scamware that had to have the OS reinstalled. It can be vicious.

3: MacDefender

MacDefender is a Mac variant of another piece of scamware that’s been around for quite some time – Windows System Defender. The thing about MacDefender is this: Anyone using a Mac should know that such a tool isn’t (currently) necessary. MacDefender relied on a lot of SEO poisoning to get listed at the top of search results. When the user browses to one of those sites with Safari, the scamware is automatically downloaded. The user is then prompted to install what looks like a legitimate piece of Mac software. Once it’s installed, a fake virus scan will begin and eventually display a popup claiming the machine is infected. It’s a Mac, people…. The good news is, if users don’t purchase the software, they’re not in any real danger.

4: Coupon toolbars

Why do people think these are a good idea? Well, a bargain is a bargain, right? And any way to find the best deal on a gross of toilet paper is alright by me. But thinking a coupon toolbar will help scour the Web for the best printable coupons is not a good idea. When I do remote support for a client, the second I see a coupon toolbar on a browser whose machine has slowed to a crawl, I remove that toolbar. Many times, it’s nothing more than a piece of tracking spyware and will have adverse effects on the machine. No, it won’t bring the machine to a dead stop, but it will track the user’s network habits and it will effectively slow down browsing.

5: RuFraud apps for Android

These are premium SMS toll fraud apps that target European Android users. They look like well-known third-party apps (such as the Opera Web browser or horoscope apps). But once the user has granted permissions for the app, it will start sending messages to multiple premium-rate SMS numbers (such as Estonia 17013, Czech Republic 90901599, Ukraine 7540, Tajikistan 1171, and Poland 92525). In many instances, users can be charged as much as $5.00 per SMS message. That toll can get very high. Google has done a good job of removing the RuFraud applications from the Android Market, but that doesn’t stop these apps from appearing on various download sites. The best way to avoid the problem is to make sure the device is set to disallow third-party installation of apps.