As we discussed in our previous post about malware, rogue security software is “any software that tricks the user into thinking their machine is compromised or infected in some way. Some types actually encrypt the infected system’s hard drive making recovery near-impossible via external methods.” (Note that the latter is something this particular malware shares with ransomware.) More generally, rogue security software is often classified as a form of scareware since in most instances of infection that is all it does. It tries to panic the user to force them into making knee-jerk decisions, which could potentially put their computer and their digital information/persona(s) in jeopardy. Over the last decade, rogue security software has become more and more popular amongst “black hat” hackers and other criminal types since it preys upon the user’s fear and unfamiliarity with current technological trends and/or software.
So what is rogue security software exactly? To use a metaphor: it is a signpost pointing users in the wrong direction, promising safety if the user only follows the path it’s prescribing. What it is really doing is tricking the user with the illusion of safety while setting them up for disaster. More technically, rogue security software relies on a method of intrusion commonly referred to as a “Trojan” – it tricks the user into installing it, clicking on it, or otherwise authorizing it in some way. This commonly comes from a browser plug-in, an attached email file, an online malware-scanning app (never use these), websites that automatically download files when a user merely visits them, and other similar methods. One of the more recent developments in infection methods is using software and bots to bring infected hosts to the top of search engine results, thereby spreading the infection.
Once you’ve become infected, rogue security software will try to trick you into using it for “scans” after automatically detecting threats on your system. It then downloads other infectious agents and the cycle continues again until your machine cannot operate or it’s locked you out of it completely.
So how do you protect yourself from such a threat? A few simple practices can decrease your odds of infection immensely:
- Browser Plugins/Toolbars: It seems everyone has a browser plugin for their software these days and toolbars are all over the place. Such software is prime real estate for introducing rogue security software into your computer as a “bundled app.” To be safe, avoid downloading plugins from anywhere except the browser-approved sites and avoid toolbars entirely. They are rarely worth the hassle, and even if they are legit applications they can slow your computer down with unneeded resource allocation.
- Common Sense: Rogue security software relies on a user base not knowing the difference between knockoff software and actual security software. The easiest way to deal with such threats is to know what’s dangerous and what’s not. Sites like this blog and other computer DIY websites are invaluable for this sort of self-teaching.
- Security Software: Having some form of security software is required when utilizing the internet at all and especially for extended periods of time. Software like Stopzilla AntiVirus or similar products is worth having for the peace of mind it affords.
December 18, 2016 at 11:32 am
A squiggly guy popped up on my screen saying a friend has blocked me. Without thinking I clicked on it and all kinds of bells and whistles started. I believe a number to call was shown. All I wanted to do was get out of there as quickly as I could, realizing the mistake I made by clicking out of curiosity. I closed and shut off the computer and restarted. However, whether it’s my imagination or not, my computer seems very slow since that occurrence. It is protected with Stopzilla and has not shown any warnings of malware. Could there be something hidden that the scans are not identifying?
December 19, 2016 at 11:48 am
Hi Joseph. The first thing I would suggest is to open STOPzilla and check for updates. After updating, run a full scan of the computer. If you still have concerns after that, please contact our support directly for help.
December 17, 2016 at 10:38 am
I currently have Stopzilla on my laptop. I need to get a new laptop. Is the protection I have transferable to the new laptop?
December 19, 2016 at 11:44 am
Hi Mike. Yes, you would be able to transfer your license to the new laptop. If you need any assistance, please contact support.
December 16, 2016 at 6:14 pm
I have had Chromium and Knight System Protector on my laptop for a couple of months and cannot uninstall them.
Is this the kind of Malware your article is about? They start up each time I log on and I close them.
I tried a program from Reimage to remove them, without success.
Any comments/suggestions?
Derek
December 16, 2016 at 3:25 pm
Hi Derek. Those may be closer to PUPs (potentially unwanted programs) than rogues. The first thing we would suggest is attempting to uninstall them through Control Panel – Add Remove Programs, Programs and Features, or App and Features. If that does not work, manual deletion or using a 3rd party uninstall program may be necessary.
December 16, 2016 at 5:04 pm
I have an example happening to me. Bing keeps appearing and takes over my homepage. Thus far I have been unable to prevent this problem.
December 16, 2016 at 5:41 pm
Hi Ray. That would be a bit different than a Rogue Software, but homepage changes can certainly be frustrating. The following links have instructions for resetting homepages in popular browsers: Google Chrome, Microsoft Edge, Mozilla Firefox