As we've blogged about in the past, scareware has become one of the top threats on the Internet. Because of their nature, most scareware programs are a challenge for even the best antivirus programs to detect and stop. Getting rid of scareware once it's grabbed hold of your computer is more challenging still. But because of the multi-national nature of most scareware operations, perhaps the biggest challenge of all is bringing their perpetrators to justice. Still, every once in a while the good guys do win a battle, and on Wednesday the FBI announced that it had busted up two scareware rings.
Operation Trident Tribunal
Paul Ducklin, writing for Sophos's Naked Security blog, details just how complicated catching cyber thieves can be. "A crook in Belgium can defraud someone in Australia via a malicious advert served from China which tricks them into a credit card transaction in Canada processed by a server in Finland."
Catching and shutting down this type of criminal enterprise takes an equally multi-national approach. In an effort dubbed Operation Trident Tribunal, the FBI teamed with its counterparts in Cyprus, Germany, Latvia, the Ukraine, Lithuania, France, Sweden, the Netherlands, Great Britain, Romania and Canada. More than 40 computers, servers and bank accounts were seized worldwide, including 22 computers and servers in the U.S.
The two operations brought down differed considerably in scale. The larger tricked around 960,000 users into installing its scareware on their computers, and netted its operators around $72 million. The second operation was much smaller -- just two Latvian nationals who tricked the website of a Minnesota newspaper into posting a malware-infected advertisement. Still, as Ducklin notes, "According to the FBI, it looks as though just two guys were able to make more than $2,000,000 in that scam."
What's scareware, and what to do about it
Scareware is fake anti-virus software. By now, most Internet users have run into an example of that nasty piece of work. You're browsing the Internet and all of a sudden a pop-up appears warning you that a "virus" has been detected. You are redirected to a site where a "free" scan reveals lots of malware hiding in the recesses of your computer.
Of course, your computer is not being scanned at all. Instead, software is being installed that won't let go until you pay the "anti-virus" company its fee. Adding injury to insult, paying the fee doesn't remove the software. Instead, it remains dormant until the scammers decide to reactivate it to get another swipe at your pocketbook. In the worst cases, it can operate silently in the background, capturing all sorts of personal data and leaving you exposed to a whole new level of hurt.
It's easier to avoid getting sucked into a scareware scam than it is to free yourself from one after the fact. However, the very worst thing you can do is give in and pay the criminals their fee. More information on keeping yourself scareware-free, and what to do should you become infected anyway, can be found in our earlier post.