Home : Security : News

Fake anti-virus cold calling warning issued

One in four people have been contacted by gangs trying to flog fake IT security services, Get Safe Online says.

By Tom Brewster, 15 Nov 2010 at 11:04

Criminal gangs have been busy cold calling UK web users trying to sell them fake anti-virus software, a campaign group has warned.

One in four British adults have been contacted by people purporting to be from legitimate IT companies and promising to fix computers for a price, Get Safe Online has warned.

A typical fee is around £30, but the cyber criminals are after more than a one-time payment – they also want credit card details or remote control of the victim’s computer.

To do this they will tempt the user into downloading fake anti-virus software, which will then infect the victim's system and steal their data.

Recent cases have seen between 300-400 people working on such an operation, using “call centre scale set ups,” explained Sharon Lemon, deputy director for cyber crime at the Serious and Organised Crime Agency (SOCA).

“They can also be paying out as much as $150,000 (£93,300) a month (on a pay per download basis) to individual webmasters who are unwittingly advertising their fake software – this level of investment from criminals indicates that the returns are much heftier than this,” Lemon added.

"Given that our latest research indicates 80 per cent of UK internet users have never heard of these ‘IT helpdesk’ scams, yet almost a quarter have been approached by them, it is vital that we make people aware of this threat,” said Baroness Neville-Jones, minister of state for security.

Get Safe Online research also discovered 48 per cent of UK web users had seen a pop-up window appear on their screen warning them their computer was infected.

While gangs use the internet as a launchpad for their attacks, the use of telephones has signalled a shift in their tactics.

“The one-to-one nature of the telephone calls also signals a more invasive approach,” said Dr Emily Finch, criminologist at the University of Surrey.

“Telephone calls use the personal touch to gain trust. By knowing just a little bit of information about someone (e.g. date of birth, full name, address – easily obtainable by fraudsters who know where to go), criminals begin to sound credible and plausible in their approach.”

The research comes at the start of the Get Safe Online awareness week designed to help people use the internet safely and protect their PCs.

Fake anti-virus has been a growing problem of late. Earlier this year, Google research showed fake anti-virus accounts for 15 per cent of all malware on the web.

Email to a friend

Print this page

< Previous Security : News Next >

4 comments

You need to Login or Register to comment.

Common sense

In order to stay safe online, the best way is to employ common sense; if a site or link appears to lack legitimacy then do not click on it. If somebody calls you offering anti-virus services; decline the offer and verify the company online. Please read my blog with more tips here: http://bit.ly/btlpTR

By MSC_247 on Monday Nov 15

Inherent security

Security should be inherent to the OS. Allowing week OS's forces users to rely on third party software to bring a sense of security. Now gangs are exploiting this weakness which could easily be avoided if third party security was not a mandatory requirement.

By pjohns on Tuesday Nov 16

Fake virus calls

We've had >21 calls like this - mainly from India.
Of all tactics, the best is just put the phone down. They work to a script.
Asking them to wait & walking away doesn't work as the phone routing generally just bumps up another party's phone bill

By Ip_allisonallen2 on Tuesday Nov 16

Computer literate, or not?

My 79yr old mother uses her PC and has never heard of these scams. She says she would probably have believed them - They are very convincing in the scripts they follow and go through a process of 'proving' your PC has problems by getting you to look at the system log (as well as other entirely invalid 'proofs'). They would not get her C.C. details as she doesn't have one!

Everything is done to encourage use of computers by private companies ("check our web site for more details") and the government (do your tax return, claim your benefits, etc. online).

However, there is not enough done to let people know of these swindles. Apparently, the cold calling swindle "your PC is reporting viruses, so we can fix it for you…" has been around for ages. I didn't know about it until a couple of months ago when I got my first call.

It had apparently been reported somewhere in the PC press but not in the national media until now. In the meantime many people have been conned by this.

We have now had 5 such calls. I have taken to asking the callers if their parents are aware of what they do for a living, pointing out that their parents would be ashamed of them. Well..., who cares whether they are or not.

The point is that if people were aware as soon as possible, after these scams come to surface, then the callers would be much less likely to succeed, making it a non-profitable venture.

It almost like encouraging car ownership, then telling people to learn how to drive by starting the engine and setting off on the roads by themselves.

By aga171 on Tuesday Nov 16

Latest Security Analysis & Insight

What is your password worth?

Would you be tempted to sell off company passwords for a fee? If not, seems like you're in the minority, acccording to research.

More Security Analysis & Insight

Latest Security Reviews

Check Point 2210 Appliance review

Rating:

Check Point's new 2200 Appliances combined enterprise level network security with an SMB price tag. Its software blades provide a wealth of features, but do they complicate deployment? Read this exclusive review to find out.

More Security Reviews