Scarewares are the latest online menace, which attempt to scare you and thus make you buy fake fix solutions to cure your perfectly working computer system. They would appear as ’security alert’ pop-ups, warning the users of critical errors and offer to do a free scan of the system to identify the errors. These alerts can look genuine wearing the garb of a legitimate Windows operating system feature. The alert can also come via email messages or in the form of advertisements.

The obvious intent of these scareware alerts is to induce the receiver to act on the warning and eventually get paid for ‘curing’! If the scan offer is acted upon, then the scan results will show a list of serious errors on the system. The catch is, of course, that there is a fee that should be paid in advance for fixing the problems! If the user is foolish enough to go forward, he will not only lose money but will also be causing damages to his own computer system.

The US Federal Trade Commission says the creators of these ’scarewares’ are out to dupe the users. In all probability, the system does not have any viruses and is clean, but acting on such a fake warning will create hitherto nonexistent new problems on the system. FTC further advises that if such a security alert window pops up on your system, your immediate action should be to search the name online to see whether it is a rip-off. Almost certainly, you will learn that it is.

Cybercrimes continue to evolve with the time and the criminals always come up with ingenious ways, with the ultimate aim of getting money out of the user. The people behind the scarewares are difficult to trace as they operate from remote corners of the world or uses fictitious identities. If there is a money trail, however, it is helpful for speedier detection and prosecution. Microsoft has helped put the case together with the Attorney General’s High Tech Unit. Software giants have, in the past months, filed law suits against offenders and are constantly monitoring to detect any more offenders. Few of the scam programs listed include Scan & Repair, Antivirus 2009, MalwareCore, Windefender, XPDefender and WinSpywareProtect.

If you happen to receive such a pop-up scareware alert, do not click on the ‘yes’, ‘no’, or ‘cancel’ buttons or click on the ‘x’ on top right corner to close the window. Many of these scareware alerts are written to act if you click on any of these buttons. The right way to terminate this alert is to press the Ctrl-Alt-Del combination to open your task manager, select the appropriate program and then click to end the task. Also, it is a good practice to reboot your system immediately thereafter. You should ensure that the system has a good live anti-virus, anti-spyware software and also a firewall to protect the system.

So, the next time you see such a ’scareware’ warning, you know what to do. Do not invite trouble by clicking ‘yes’ on all offers without knowing the implications. Only if you are careful, you will be able to maintain the good health of your system in these troubled times.

If you wish to read further on scarewares and/or see a list of legitimate security vendors, here is a link you may wish to explore:

http://www.ftc.gov/bcp/edu/pubs/consumer/alerts/alt121.shtm

Explore More

What are the various features of snort?

Snort has the following features: * It detects threats, such as buffer overflows, stealth port scans, CGI attacks, SMB probes and NetBIOS queries, NMAP and other port scanners, well-known backdoors

How does a cross site scripting (XSS) attack work?

A cross site scripting attack works in the following manner: * The attacker identifies a web site that has one or more XSS bugs for example, a web site that

Tutorials (overflow, using debugers, exploits coding…)

* Stack based overflows (direct RET overwrite) : (Tutorial Part 1) http://www.corelan.be:8800/index.php/2009/07/19/exploit-writing-tutorial-part-1-stack-based-overflows/ * Jumping to shellcode : (Tutorial Part 2) http://www.corelan.be:8800/index.php/2009/07/23/writing-buffer-overflow-exploits-a-quick-and-basic-tutorial-part-2/ * Stack based overflows – SEH (Tutorial Part 3)