What is Fake Antivirus Software?

What is “Fake/Rogue Antivirus Software”?

Fake/Rogue antivirus is software that masquerades as legitimate software and misleads users into thinking that their computer is “infected”.  The user is then prompted into buying the fake antivirus software to remove the virus.  When the user pays the fee for the antivirus solution to clean their computer, they actually download malicious software.  Sometimes, this new “antivirus” program disables the legitimate security software that you already have installed.

How do you get infected?

These rogue programs often hook you while you’re browsing the web by displaying a popup window that warns the user that their computer may be infected. Often, the popup includes a link to download security software that offers to solve the problem, or redirects you to a site that sells the fake antivirus software. It is also often also called scareware since the hackers use messages like “You have a virus,” as a way to get you to click on their message.

The criminal bets on the fact that most people are concerned about getting infected with a virus and will likely buy the software.  Once you buy the software, the criminals also have you credit card information.

How will I know if I am infected?

The presence of pop-ups displaying unusual security warnings and asking for credit card or personal information is the most obvious method of identifying a fake antivirus infection.

How to protect yourself?

  • Be cautious when visiting web links or opening attachments from unknown senders.
  • Keep software patched and updated.
  • To purchase or renew software subscriptions, visit the vendor sites directly.
  • Never click on a link in a popup window.
  • If you are concerned that your computer may be infected, run a scan using the legitimate security software you have installed on your device.