The Symantec Report on Rogue Security Software is an in-depth analysis of rogue security software programs. In total, Symantec has detected more than 250 distinct rogue security software programs. During the period of this report, from July 1, 2008, to June 30, 2009, Symantec received reports of 43 million rogue security software installation attempts from those 250 distinct samples. The continued prevalence of these programs emphasizes the ongoing threat they pose to potential victims despite efforts to shut them down and raise public awareness.

1. Symantec Report on Rogue Security Software Symantec Security Response October 19, 2009

3. Scareware – also known as fake security software– trick people into downloading them, often through unfamiliar websites. Scammers rely on fear tactics and other social engineering tricks to dupe users into purchasing and installing fake security software

7. Scareware may actually install malicious code

8. Scareware scammers may use the personal information provided by the victim to purchase the fake security software to commit fraud, including identity theft

10. Ads for scareware are found on both malicious and legitimate sites

11. Links to scareware sites may be distributed in spam email or in comment spam

13. Don’t respond to emails that ask for personal info

14. Use an up-to-date security solution purchased from a reputable vendor through a reputable channel

15. When asked to “allow” or “deny” an application access to the Internet, always deny unless you’re absolutely confident the site it is accessing is authentic and safe

16. If you’re on a wireless network, secure it with a password and don’t allow unknown computers to access your home network

17. Use strong passwords with a combination of letters and numbers. Change it regularly

18. Don’t give your credit card details to unsecured sites. Look for https:// at the top of your browser and the padlock symbol on the bottom right-hand corner of the screen

19. Use a website rating service, which can tell you if a site poses a risk before you visit it

20. Review your bank and credit card statements regularly for suspicious transactions

22. Symantec estimates that the initial monetary loss to consumers who downloaded and purchased these fake products during this reporting period ranged from $30 to $100

23. Among the distribution sites Symantec observed for this report, the highest payouts to affiliates for installations by users were in the United States, where payouts averaged $0.55 per installation

24. One distribution site observed by Symantec, TrafficConverter.biz, purported to have its top affiliates earning as much $23,000 per week for installing and selling security risks, including fake security software programs, onto people’s computers

25. During this reporting period, Symantec received reports of 43 million fake security software installation attempts from the 250 unique programs identified

26. The top five reported fake security applications observed by Symantec during this reporting period were, in order, SpywareGuard 2008, AntiVirus 2008, AntiVirus 2009, Spyware Secure, and XP AntiVirus

27. Of the top 50 reported fake security applications during this reporting period, 61 percent of the scams observed by Symantec were attempted on users in North America