I’ve seen a lot of threats over the years for computers but man alive it’s hard to imagine 35 million computers being infected each month with rogue security clients. According to PandaLabs they found 1,000 samples of fake rogue clients in the first quarter of 2008. In just one year’s time that grew to 111,000. In the second quarter of 2009 it reached 364,000. These stats were taken from a CNET article we found here.
PandaLabs goes on to say that there could be as many as 35 million computers infected each month with these rogue threats. Personally I find the number a little high but I do know this issue has grown significantly over the past year. After reading many articles on the matter it seems every security software company says about the same thing: rogue clients are still on the rise. In the past year I have personally noted a big increase in fake clients. Before I was seeing a few every month or so but now it’s a few new clients each and every week. Most of these new clients that come out are from the same makers. In fact plenty of them use the same GUI (Graphical User Interface).
The only difference is the name of the product and the trace files. To go a step further, most fake clients that are made by the same person or persons are using the same IP address. It’s very easy for an expert to tell what software is misleading and/or malicious. The thing I don’t understand is why these sites aren’t shut down sooner. There is one site out there that has been using the same domain name for months and it’s still up. People can still go to the website and place their credit card info in there and get charged for the fake client. It’s crazy to think that the host, registrar, credit card companies, ICANN, government agencies and security software makers don’t do a whole lot to get these sites shut down in a timely manner.
Let’s do the math. If 35 million people get infected each month and the average cost of the software equals $50 USD and the average conversion rate of these fake programs is 3% then over 52 MILLION dollars is being generated each and every month from these fake programs. 52 MILLION!!!! “Screw selling drugs for a living,” says the Mafia and terrorist groups.
Who is Getting PAID
I’m starting to get very riled up now. How about you? So who is making all this money? After all, 52 million a month is a lot of money. The makers of these fake clients oftentimes enlist affiliates to sell and market the product. In these cases a normal commission structure is 75% of the sale will go to the affiliate and 25% goes to the maker of the product, minus any credit card fees.
So if someone purchased a lifetime membership for 90 bucks, the affiliate would make $67.50 and the software maker would make the other $22.50. These affiliates know the product is bogus and in most cases they have no restrictions on how they get the software installed on the user’s system. This opens the door for hackers to place some JavaScript code on a legitimate website that they hack and either force a download on the unsuspecting user or trick the user into downloading the product.
In many cases a Trojan virus is installed. This Trojan then goes out and downloads the fake product as well as several other threats to the system. If you were to make a purchase of the fake product then they get paid as well as the maker. I do need to stress that most affiliates out there selling products are legit. I’m an affiliate of just about every real security client out there. The difference is I promote legitimate software. Not all these companies use affiliate programs but most do. This makes their reach far wider and they make many more sales. Real security vendors benefit as well. Because most people realize the program they are infected with is not real, they now need to remove the fake program. How do they go about doing this? In many cases they will hire a pro to remove it for them or purchase real security software to help them remove the current threat on their computer.
This means real security companies are making money off these fake programs. Computer repair companies are making money off of these fake programs and affiliates like myself that sell real security products are also making money off of these threats. So whose job is it to shut these sites down? I think that is one of the real questions that arise from this article. I see no set organization that has this responsibility. If a site is identified to be selling such a fake client then what is the process for shutting down the site? Is there a number or website to report it? Policing the internet is a scary thought and I’m not really going there. I’m simply suggesting a set process be made for companies at large for the sole purpose of freezing assets and shutting down malicious websites that sell fake antivirus clients. Clearly if there is a process out there right now it’s broken.
How to Solve the Problem
Step 1. Have a process in place to report these sites and have the assets of these sites frozen until a quick and timely review is done. If the site is determined to be selling misleading antivirus clients then have the domain name forfeited and shut down immediately. The frozen assets should then be returned to the affected users. How this can be done is beyond my understanding and I’m sure it will take people far smarter than me to figure it out.
Step 2. Educate the public on fake security clients. It literally steals hundreds of millions of dollars each and every year from people. This is a huge problem. This money is being sent to bad people. I’m sure there are plenty of organized crime and terrorist groups that are making a bundle from it. Forget about selling drugs. This market is more profitable and less risky. Perhaps this is why we are having such an issue right now. If people know the software is false then it will deeply cut into the profits of these companies. If no one purchased the software then this type of scam would stop. Public service announcements or ISPs sending out a warning to all their email clients would go a very long way in preventing these scams and help their users at the same time from being infected and having to call in about the infection. There needs to be a long-term solution made to help solve this issue.
I’m sure it will take trial and error to find a solution that works but something has to be done. Right now I feel even with all the free removal guides that I write for these programs that there is no end in sight until some kind of process is put in place to stop such threats and shut down the websites.
On a final thought I want to provide my readers with a little warning. Last year in early December through late January I saw a HUGE BOOM in false threats released. This leads me to think that it was timed for all the online shoppers in the Christmas season. After all, people are going online because they have something in mind to purchase. So with their credit cards already whipped out and a mind set on spending money it’s easy to see why these dates bring out more rogue security clients. Now is the perfect time to ensure you have all your Windows and Mac updates. Now is the time to ensure you have a security client that protects your computer on the front end. If you are using a free client then consider purchasing a real one.
I do not and never have recommended anyone to use a free program alone for security. Many of them do not provide enough front-end protection. Unless you trust the source of the program you are about to install, DON’T INSTALL THE SOFTWARE. If you think you are on a malicious website then do not hit the back button or attempt to browse away from the page. Simply close the browser down and start a new session. If you cannot close the browser by pressing the X button then use the ALT+F4 keys to terminate the program. This is the best way to ensure you do not accidentally install a fake program onto your system. Also you should stay away from torrent files and adult websites. These things just lead to trouble later down the line.