As we discussed in our previous post about malware, rogue security software is “any software that tricks the user into thinking their machine is compromised or infected in some way. Some types actually encrypt the infected system’s hard drive making recovery near-impossible via external methods.” (Note that the latter is something this particular malware shares with ransomware.) More generally, rogue security software is often classified as a form of scareware since in most instances of infection that is all it does. It tries to panic the user to force them into make knee-jerk decisions, which could potentially put their computer and their digital information/persona(s) in jeopardy. Over the last decade, rogue security software has become more and more popular amongst “black hat” hackers and other criminal types since it preys upon the user’s fear and unfamiliarity with current technological trends and/or software.
So what is rogue security software exactly? To use a metaphor: it is a signpost pointing users in the wrong direction. Promising safety if the user only follows the path it’s prescribing. What it is really doing is tricking the user with the illusion of safety while setting them up for disaster. More technically, rogue security software relies on a method of intrusion commonly referred to as a “Trojan” – it tricks the user into installing it, clicking on it, or otherwise authorizing it in some way. This commonly comes from a browser plug-in, attached email file, an online malware-scanning app (never use theses), websites that automatically download files by merely visiting them, and other similar methods. One of the more recent developments in infection methods is using software and bots to bring infected hosts to the top of search engine results thereby spreading the infection.
Once you’ve become infected, rogue security software will try to trick you into using it for “scans” after automatically detecting threats on your system. It then downloads other infectious agents and the cycle continues again until your machine cannot operate or it’s locked you out of it completely.
So how do you protect yourself from such a threat? A few simple practices can decrease your odds of infection immensely:
- Browser Plugins/Toolbars: It seems everyone has a browser plugin for their software these days and toolbars are all over the place. Such software is prime real estate for introducing rogue security software into your computer as “bundled app.” To be safe, avoid downloading plugins from anywhere except the browser approved sites and avoid toolbars entirely. They are rarely worth the hassle and even if they are legit applications they can slow your computer down with unneeded resource allocation.
- Common Sense: Rogue security software relies on a user base not knowing the difference between knockoff software and actual security software. The easiest way to deal with such threats is to know what’s dangerous and what’s not. Sites like this blog and other computer DIY websites are invaluable for this sort of self-teaching.
- Security Software: Having some form of security software is required when utilizing the internet at all and especially for extended periods of time. Software like Stopzilla AntiVirus or similar products are worth having for the peace of mind it affords.