So fake antivirus, what is it? Well, fake antivirus is all about the money, making money out of victims by tricking them into paying for the removal of threats that never really exist on that machine. Once the user is infected with a fake antivirus, the fake antivirus continually bombards with warning messages trying to convince them that these threats are real in order to have them pay for these threats to be removed.
The fact is fake antivirus is one of the most prevalent threats today because of the huge volumes of money that the bad guys are making. Look at any recent threat report and always at the top of the charts would be threats related to the fake antivirus malware.
So fake antivirus distributes in a variety of ways, all the usual ways we see malware distributed nowadays. For example through malicious websites, though spam messages etc.
But actually one of the key ways in which fake AV is being distributed is through search engine optimization techniques, sometimes called Blackhat SEO techniques. So what are these all about? Well, actually these are all about bad guys tricking the search engines into adding links to rogue web pages within the search results when users search for popular search terms. So by monitoring Google trends, the bad guys are able to see exactly what type of information is popular now, and then are able to poison these topics.
Blackhat search engine optimization techniques work, quite simply, because we trust search engine results. When we search for a topic we tend to trust results that are coming back. We don’t ordinarily inspect each and every URL prior to clicking on it. The fact is – we trust the data that comes back form the search engine, and that’s why it is so easy for the bad guys to scam the search engine, and that would scam us.
Another interesting fact with that Blackhat SEO attacks, is that the Blackhat SEO pages themselves are typically hosted on legitimate websites. This is interesting for a number of aspects.
Firstly, it makes it harder for the search engine to filter out these results, because the bad guys are usually using websites with good reputation.
Then secondly, even if the user is quite paranoid and carefully looks through the search engine results and tries to find rogue looking sites, actually what he will see is URL’s that point to legitimate looking sites.
So when users search for information or topics and clicks on a link, it redirects to a rogue antivirus site. Typically they show you some sort of fake system scan which tricks them into downloading and running an executable file and this is a fake antivirus.
Demonstration of "Buying" a Fake Antivirus07:15Per viewer suggestion, i take a look at the subtle differences you may notice if you pay (or find a key) for a fake antivirus program. i don't really recomme...
Messin' with Fake AVG Antivirus 201112:31Pretty interesting stuff, i must say. if anyone needs a removal video, leave a comment.
Remove Fake Windows Ultra Antivirus by Britec06:47Remove fake windows ultra antivirus by britec this infection was designed to silently install on users systems and con them into purchasing fake software tha...
Fake Virus And Fake Antivirus Prank05:40This is two of the programs i made that are really good for pranks i will make tutorials on how to make both of them later!!!
SophosLabs - What is Fake Anti-Virus?02:30Fraser howard, principal researcher for sophoslabs, explains what fake anti-virus (fakeav) is, why it's a popular method of attack, and why it is so dangerous.