Scareware Most Costly Online Scam: McAfee

The security software vendor warns consumers that scareware, or fake antivirus software, will be the most costly online consumer scam in 2010.

Security software vendor McAfee this week launched its new Consumer Threat Alert program, a blog and e-mail subscription service dedicated to keeping consumers up to date on the latest malware and online scams circulating throughout cyberspace.

The program's initial advisory was a primer on scareware, also known as rogue software or fake antivirus software, which preys on users' naiveté and their instinctive response to what appears to be a legitimate security shortcoming with their PCs or mobile devices.

McAfee Labs claims that cyber crooks ripped off consumers to the tune of more than $300 million last year, using misleading pop-up and banner ads or free downloads and e-mail attachments laden with malware to swindle nervous Internet surfers out of $49.99 at a pop.

"Scareware is one of the most prevalent, dangerous and sophisticated online scams, victimizing an estimated 1 million people around the world every day," McAfee said in the blog entry.

Obviously, leading antivirus software companies like McAfee (NYSE: MFE) and Symantec (NASDAQ: SYMC) have a vested interest in keeping the scareware story front and center to compel customers to buy their legitimate antivirus software offerings to safeguard data and ward off the scam artists.

But the threat is unquestionably real and repeatedly corroborated by companies and independent consumer organizations that have far less to gain than top-tier antivirus vendors.

The latest data from the Anti Phishing Working Group (APWG), a Cambridge, Mass.-based industry association created to fight identity theft and fraud, indicated that new scareware programs more than tripled from July to December last year.

And Microsoft's (NASDAQ: MSFT) latest rogue software study found that one scareware program turned up on 4.4 million unique computers, a more than 65 percent increase over the first half of the year.

Symantec researchers claim that more than 200,000 Web sites distribute fake security software, using social networking sites such as Facebook and Twitter and all of the major search engines to bait the hook.

Security software vendors have found that many of the scareware organizations are based in Eastern Europe, and use underground hacking forums and Web sites to recruit personnel. However, scareware scams are springing up everywhere in the world. The con is not only lucrative but, security experts said, rarely prosecuted because victims can be so embarrassed that they fell for the ploy they often don't report the crime.

"Even the savviest of computer users fall victim to online threats because cyber criminals have become so sophisticated,” said Jeff Green, senior vice president of McAfee Labs.

McAfee said it has witnessed a 660 percent rise in scareware over the past two years, and a 400 percent increase in reported incidents in the last 12 months.

Company officials expect both those figures to rise, thanks to greater awareness and education from software vendors, the media and new consumer-oriented programs like McAfee's Consumer Threat Alert site. Subscribers will receive periodic e-mail alerts about how to recognize the latest online dangers and tips on how to avoid expensive and embarrassing online scams.

"We’re giving consumers the 'street smarts' they need to live their online lives safely," Green said. "With education and the right technology, we can all play a part in the fight against cybercrime."

Larry Barrett is a senior editor at, the news service of, the network for technology professionals.

Tags: Facebook, security, McAfee, scareware

0 Comments (click to add your comment)
Comment and Contribute


(Maximum characters: 1200). You have characters left.