Issuu on Google+

[title] Scareware By Emayet Omaid [name of class] Fall, 2011


When it comes to PC computers there are many right and ethical ways to make a living and there are also many wrong and unethical ways to make a living. In the last decade computers have evolved technologically and have become so much more efficient and safe. A few end users who contributed to the spread of harmful malware were not always persons of high moral values and high ethical standards. In a capitalistic economy like the U.S.; many people made it big in the computer world. However, unlike Bill Gates or Steve Jobs for example, there are some computer geniuses that became rich by using their skills and knowledge for wrong and illegal ends. To learn about these crooks and their manipulative ways of scamming people I am going to analyze the article entitled “Scare Tactics” by Benjamin Wallace (Wired). Through my analysis I will try to answer two main questions: What is scareware? How do you avoid becoming a victim of scareware? This article talks about two Internet hustlers by the names of Sam Jain (now 41) and Daniel Sundin (33) who made millions of dollars by exploiting people’s fear of viruses. But first I am going to explain how circumstances of the last decade worked in their favor and allowed them to get away with their fake virus scheme. (WALLACE) In August 2003, Jain and Sundin had a breakthrough thanks to the arrival of the so-called Blaster worm. Blaster quickly compromised hundreds of thousands of machines, making it one of the fastest-spreading pieces of malware ever. Jain and Sundin had built a small empire dedicated to exploiting people’s fears—of bioterrorism, for instance, or deportation. Here was a

2


threat that menaced almost everyone with a PC, which meant a vast potential audience for their manipulative online ad campaigns. Jain and Sandin—now working through a company they called Innovative Marketing Inc., or IMI—merely had to use the fear of computer viruses to sell antivirus software. As described by the article, the personalities of these two crooks were loose and of low moral values. I concluded that one reason that these computer geniuses who use their skills and knowledge to exploit people is that they don’t have high moral values and ethical standards. As the article calls them they are misanthropes, they don’t care much about other people and have a “screw or be screwed” attitude. As I read and reread the article, I noticed how much people are gullible to fall for their scheme. The main way that these two crooks sold their scarewares online was through pop-up ads. According to the article entitled “McAfee: A million 'scareware' victims a day” by Larry Magid, McAfee Labs reports that, "Scareware has increased more than 600 percent in the last two years." The company says that criminals make, "Upwards of $300 million worldwide" from scareware scams. Scareware typically appears as if it's a legitimate security product that informs a user of an infection. Users are invited to pay for, download, and install the software. Not only do these scams take your money but they jeopardize the security of your credit card and your computer. If the scareware contains malicious software it can plant a keylogger or a passwordstealing Trojan on your machine to steal personal information, or it could infect your system with other types of malware, including software that spreads these bogus messages to others.”

3


McAfee's director of security research, Dave Marcus said, “Such programs are actually worse than useless... It doesn't find what it says it finds and certainly doesn't clean what it doesn't find. The only thing it exists for is scaring you into making this purchase. They're very clever in their social-engineering tactics." They often have a "slick web page" that appears to be from a legitimate company.” (Magid) Indeed, Jain and Sundin were masters of social engineering, getting people to willingly hand over money for bogus software. They used the name WinAntiVirus for their first scareware that they created—a name that sounds as legitimate as can be. So be careful when responding to pop-up ads. Larry Magid states that: “The big problem with today's scareware, and the reason it's so successful and increasingly prevalent, is because of a new trick in the way it's written. Most of us are already conditioned on how to handle pop-ups; we close them. But these aren't your everyday pop-ups; they are actually still contained within the page, and the close (X) button is not a true close button at all. It's designed to install the scareware anyway! In fact, it's the most common thing I deal with these days. And after disinfecting a computer, I tell the customer not to use the close (X) button to get rid of these "pop-ups." To avoid infection, you can do one of two things: 1. Close the web browser (Alt + F4). 2. Restart Windows.” Finally, stay informed about new virus alerts and virus hoaxes. A virus hoax is an e-mail message that warns users of a nonexistent virus or other malware. Often, these virus hoaxes are in the form of a chain letter that requests the user to send a copy of the e-mail message to as many people as possible. The content of the hoax message, for example, may inform users that an important operating system file on their computer is a virus and encourages them to delete the

4


file, which could make their computer unusable. Instead of forwarding the message, visit a website that publishes a list of virus alerts and virus hoaxes. (VERMAAT and SHELLY) Jain and Sundin are both outlaws on the run now and no one knows of their whereabouts. To prevent such crimes, Washington's Computer Spyware Act was enacted in 2005 and amended earlier this year to outlaw misrepresentation of the source of a message to a PC computer end user in order to scare the person into installing software. Consumers can file complaints on their own, officials said. Meanwhile, the defendants face penalties of up to $2,000 per violation plus restitution and attorney fees. Microsoft has brought 17 spyware-related legal actions since the Computer Spyware Act was enacted in 2005. To protect themselves against these and other threats, computer end users should keep their operating system, antivirus, firewall and antispyware software updated, Microsoft said. (Mills)

5


Works Cited WALLACE,Benjamin. "Scare Tactics." WIRED(2011): 112. Magid, Larry. MacAfee: A million 'scareware' victims a day. 9 March 2011. <http://news.cnet.com/830119518_3-10466253-238.html?tag=contentMain;contentBody;2n>. Mills, Elinor. Microsoft, Washington State Sue over 'scareware' pop-up ads. 29 September 2011. <http://news.cnet.com/8301-1009_3-10053565-83.html?tag=contentMain;contentBody;5n>. VERMAAT and SHELLY.Discovering Computers FUNDAMENTALS. 2011.

6


Scareware