So I get this email from AntiVirus 2011 Plus this weekend, that looks totally legitimate, saying I can download a “Complete AntiVirus Protection Solution.” A big blue link in the middle of the page calls me to Scan My Computer Now.
Scanning the message quickly, I almost clicked before realizing it was a scam.
Fake antivirus scams are rampant but this was a new twist.
I tried researching this fake antivirus scam but it was not all that easy.
Because nearly every real brand of security software—such as Symantec, Kaspersky, and McAfee—makes an antivirus product and calls their product “antivirus 2011,” discerning the fake from the real is difficult.
On YouTube, I found a video telling people how to delete this malware from their computers. See below what a stubborn little Trojan this is.
While the Web is loaded rogueware that tells you “Your computer is infected,” I can’t recall ever getting an email from a fake antivirus company, certainly nothing as well-conceived as this scam.
Social engineering, the art of manipulating people into letting you run a Trojan on your computer or divulge confidential information is the biggest threat to security on the Web.
Larger companies like Google and Citibank are more vulnerable because they have so many users and, to scammers, this is a game of large numbers.
What’s disconcerting is that the companies in the private sector that have the best resources to help you fight against malware have incentive to not share the information systematically. Will Symantec tell Kaspersky how to improve its antivirus software?
The best thing you can do to guard against phishing and spoofing is to use the Web defensively.
Advisors using secure apps to store and give access to personal identifiable information to clients cannot ignore the trend.
They have a special responsibility to watch the trends in social engineering and communicate about them with clients.