Survey Reveals Internet Users of All Skill Levels Fall for Cybercriminals’ Tricky Tactics

Cybercriminals are getting smarter in their ways in penetrating user PCs. Take that case of the recent Typhoon Ondoy, in just a couple of days a computer virus named Ondoy is already in the wild. To make matters worst, a fake Ondoy anti-virus was also made available to users to download but in reality, the supposed anti-virus application is a virus as well.

When Michael Jackson died, a Michael Jackson trojan was launched in the wild. When former President Corazon Aquino passed away, a Cory virus was also made available. Which makes me wonder, who are more inclined to be lured into such a trick?

According to a new survey from Webroot, computer-savvy consumers are more susceptible than novices to “fake alerts” and rogue security products – bogus malware infection warnings and malicious programs masquerading as legitimate security applications.

Surveying nearly 1,200 individuals ranging in age and computer proficiency levels, Webroot explored the risks and consequences of infection by malware associated with fake alerts. Among the key findings:

– Advanced users clicked on suspicious messages at a greater rate than less experienced users
– 20 percent of respondents strongly trust the first page of search results – a common target for fraudulent links
– Nearly one fifth reported varying levels of financial or data loss following infection
– Over half experienced infections consistent with those of fake alert-related malware

The appearance of fake alerts changes frequently. Ranging from phony Windows Security Center warnings to notifications for security scans and viewer or codec downloads, each is designed to appear legitimate and urgent. According to the Webroot Threat Research team, Internet users can encounter fake alerts through three main vectors:

– Fraudulent links appearing at or near the top of search results. For example, Webroot found that a search for news stories about the arrest of film director Roman Polanski yielded links that redirected to a fake security scan and to “Windows PC Defender,” a known rogue security product.
– Phony file links. Webroot recently reported on its Threat Blog that the Koobface worm is now sending phony video links, seemingly from a friend, to members of Facebook, MySpace, Twitter and other social networks. The links trigger viewer download messages that activate infection when clicked.
– Ads on legitimate Web sites. Webroot researchers recently investigated the origins of a bogus ad on earlier this month which contained code leading to a fake alert and rogue product.

Key Findings

Results from the Webroot survey indicate a general lack of awareness of fake alerts and rogue security products, a higher rate of engagement among advanced and power users, and costly and inconvenient consequences of infection.

Lack of awareness leaves individuals vulnerable:

– 20 percent strongly agree the first page of search results includes trustworthy links
– 40 percent did not know the meaning of “fake alerts,” and 69 percent were unfamiliar with “rogue security products”
– 25 percent clicked on links to unfamiliar sites
– 13 percent clicked on pop-up messages requiring the download of a special viewer or codec

Experienced computer users are more susceptible:

– Over 50 percent of advanced users encountered a fake Windows Security Center alert, versus 33 percent of novice users
– 26 percent of advanced users encountered a fake security scan, compared to approximately 10 percent of less experienced users
– 23 percent of advanced users clicked on a fake alert and in some cases purchased rogue security products; conversely, 10 percent of novice users did the same

Clicking a fake alert can lead to consequences ranging from nuisance to costly:

– 43 percent of respondents experienced ongoing pop-up messages after clicking
– 26 percent had to have their computers repaired
– 11 percent lost files and documents following infection
– 8 percent had to purchase a new computer or experienced unauthorized credit card charges


Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: