Podcast: Symantec says beware of rogue security software

If you've ever gotten a pop-up message warning that your PC is infected, it could very well be an advertisement for rogue software that can do a lot of harm and absolutely no good.

Symantec has just issued a report saying that the company has "detected over 250 distinct rogue security software programs." These scams try to convince users that their machine is infected and offer software for purchase that will take care of the problem. But instead of removing security threats, it can create them by installing malicious code that can allow criminals to take over the victim's computer. In addition, a user who provides a credit card number to buy the software is not only out the cost of the software but has just provided credit card information to thieves who can misuse it or sell it to other thieves.

The "security software" often has a legitimate sounding name and may even quotes what appears to be a review from a legitimate source.

In a podcast interview, Symantec Security vice president Vince Weafer warns users not to respond to security messages that they view as pop-ups or on websites, especially if they look like a hard-sell. Instead, rely on legitimate security software. If you have any doubts, Symnatec and other legitimate security companies offer free scanners that can tell you if you have any infections. Also, Microsoft now offers its free Security Essentials that can detect and fix many security threats.

Listen now: Download today's podcast

[richard993]

Since when did Microsoft release any security products that actually did something useful apart from chew up disk space and tie up your CPU?<br /><br />The best security software you can get is called "common sense", not something than gives you a false sense of security and potentially subconsciously invokes careless behaviour.

[ITDph]

I've been using Microsoft Security Essentials for about 2 weeks now and have purposely gone to websites known for attempting to install trojans. MSE has caught every attempt. It doesn't eat up a lot of disk space, doesn't use a lot of CPU cycles and updates itself silently. Initially, I was skeptical about the software but can attest to its ability to protect your computer.<br /><br />As far as the rogue security software, there have been times that I've had those popups come up. I know they're not legitimate but the people that are developing the software are making the dialogs look more legitimate - like they're from Microsoft. Many inexperienced users could easily get infected by the software, which by the way MSE does detect and prevent from the user from being fooled. Prior to MSE, I used Avast and believe it is probably still better than MSE. I like its user interface better and being 'verbally' notified that an update has been installed for the virus definitions.

[woganmay]

if you're naive enough to believe what a web-based popup tells you - stuff about your computer it could never know - then you quite frankly deserve to be nailed for it.<br /><br />Someone needs to come up with a better OS for these people. An OS that offers as little choice as possible. It's the only way to protect them from themselves...

[mike852852]

Don't forget about all the senior citizens out there who's minds aren't quit right. They don't deserve to be hit; they just don't know any better.

[Lerianis3]

by mike852852 October 20, 2009 12:00 PM PDT<br />Don't forget about all the senior citizens out there who's minds aren't quit right. They don't deserve to be hit; they just don't know any better.<br />__________________________________<br /><br />Actually, most 'senior citizens' are of their right mind and still get hit by this.... it's just that they are not very CPU literate, which is a problem today and which can only be solved by EDUCATION of the people.

[Kalemanzi]

I just charged a client for removing such a program today. Internet Security 2010 whatwhat. I personally work on Linux and never have any issues with malware. It's those Window$ users that have all the issues. Fortunately, M$ operating systems combined with user ignorance turns out to be a steady stream of income for me since they get infected all the time and I get to repair the systems. I'm sure Symantec would be totally out of business if it was not for M$ and the security holes in their operating systems. As for a solution for users who just uses internet, email and office apps, any Linux distro with thunderbird, firefox and Open Office will do the thing hands down.

[Lerianis3]

Microsoft operating system are not the problem, and have you ever had a Vista machine be infected? I think not, not unless the user was stupid enough to run the installer for the malware. As I have said before, many of the 'security holes' people point it are just Microsoft making it so that people can run programs on thier computer.<br /><br />It seems like your ad... oops..... posting, is an advertisement for Linux, which has it's own share of problems. Like being too command-line only and too complex for normal users.

[LowTekotc]

Geeez, come on Symantec.<br /><br />OLD news. I have been cleaning rogue apps for years, no wonder I can never use Symantec products for virus removal's at work.<br />WinPCAntivirus2009, AntivirusGold2010, Windefender Pro 2009 etc etc, old news, keep staying years behind symantec.<br /><br />Combofix and Smitfraudfix have been removing Viruses/rogues/trojans that symantec has been missing for years.

[Lerianis3]

Name on thing that Symantec has missed? I doubt you can find ONE that they have missed for more than a few weeks after it was known to be out there.