We are all aware of the threat of rogue/fake anti-virus/scareware and how easily it can catch unsuspecting users out, particularly as so much attention is given to ‘ensure you have anti-virus installed'.
However a new threat has emerged with an increase in cold-calls noted that attempt to sell fake or cracked anti-virus software. ESET claimed that the scam often works with the caller pretending to be calling from, or affiliated with high profile companies such as Microsoft and them using domains such as go4sapling.com, supportonclick.com and metsupport.com.
They reportedly frighten the victims into believing their computers are infected, but offer to rectify the non-existent problem for a charge. ESET said that it has heard of people paying anywhere from between £45 and £79 to clean the computer and the promise to install a different anti-virus software product.
The vendor, and I am sure many others, are aware of this only when the customer calls the vendor to enquire about error messages warning of virus signatures being out of date.
David Harley, director of malware intelligence at ESET, acknowledged that rogue anti-virus is a growing problem, but with low internet telephony rates it is just as cheap to call a victim as it is to wait for them to drop by your website.
He said: “Like most scams this one relies on social engineering techniques to convince the user it's genuine. Unfortunately attacks like this only make it harder for consumers to tell the difference between security truth and falsehood. Which is, of course, part of the scam: at the same time as the bad guys are making money, they're attacking the reputations of legitimate security organisations and vendors.”
As someone who thought the days of chain letters were over, with all threats now utilising the power of the web, this comes as something of a shock. After all, where are the numbers of customers being sourced from? Are scammers trawling the phone book for potential victims, or are they dialling and hoping?
Or is similar technology being used as to how phishing and spam emails are being used, with a compromised system making these calls? Or are scammers now using call centres to sell their wicked wares?
ESET advised anyone receiving such a call to put down the phone and contact their anti-virus provider directly, with a swift 1471 to find the number of the caller if possible.