Scareware Fraud, Part Two

By Robert E. Holtfreter, Ph.D., CFE, CICA;Tiffany McLeod

In part one, we defined scareware and its prevalence. In part two, we examine specific ways fraudsters lure victims, how to avoid infection, and legislation of this latest evolution of malware. 2011-MayJune-scareware 


As Mark Saltillo worked on his computer, a message with a professional-looking security logo popped up, warning of corrupt files in his "My Documents" folder. The pop-up instructed him to download OnPoint Fix, which ended up encrypting his files so he couldn't read them. Multiple dialogue boxes then directed him to OnPoint Fix's website, and he used his debit card to buy the software's $75 fix. Days later, he checked his bank balance and discovered his account was empty. OnPoint Fix is one of many rogue security software packages, posing as "file repair applications," that not only infect computers but steal debit and credit card numbers. Saltillo was the latest victim of one of many forms of scareware. 
Though this case study is fictional, as we discussed in part one, scareware fraud is a real, growing threat to all Internet users. Scareware fraudsters con millions of dollars from unsuspecting victims each year by taking advantage of their natural fears about online security.  

In part two, we will examine critical aspects of the scareware fraud problem, including (1) ways victims can encounter it and what happens when they click on contaminated links, (2) how to fix it, (3) methods to defend against it and (4) legislation to control it.

 How can typical users protect themselves from these scareware scammers? The first step, of course, is to know the enemy. 


For full access to story, members may sign in here.

Not a member? Click here to Join Now. Or Click here to sign up for a FREE TRIAL.