National KE-CIRT/CC Cybersecurity Best Practice Guide of The Week
In This Issue:
Rogue Security Software
ROGUE SECURITY SOFTWARE
Rogue security software is a form of malicious software and Internet fraud that misleads users into believing there is a virus on their computer, and manipulates them into paying money for a fake malware removal tool (that actually introduces malware to the computer).
Rogue security software can strike your computer in the same way as most other malware. Some of the most common ways your computer can become infected with scareware are:
Advertisements: Rogue security software programs are advertised using legitimate advertising networks to display ads on both malicious and legitimate websites, including blogs, forums, social networking websites, etc.
Spam Emails: Though not a very common method, cybercriminals may also use this cost-effective method to distribute their rogue security software as a download link via spam emails.
Manipulated rankings: Websites that distribute rogue security programs (usually developed by cybercriminals) often appear in search engine results. Believing the website listed in the search result is genuine, when you visit the website, the website trick you into downloading rogue security software or similar programs.
How To Tell What's Real And What's Not?
Check out for spelling mistakes/poor English: One common thing among most rogue security software is the use of poor language and phrases.
Verify the source: If you never heard of the company before, chances are they are not legit. Search for the name of the company who makes it and read up what others have said about it. Never trust a “customer comments” page.
Read some reviews: Spending some time searching about the program and reading some reviews can help you know more about the product.
Consult a professional: If you are not sure whether the program you want to install/buy is genuine or not, always seek assistance of a professional.
How to Protect Your Computer Against Rogue Threats and Other Malware Attacks:
Familiarize yourself with common phishing scams and attacks.
Secure your PC with legitimate security programs — antivirus, antispyware, firewall, etc…
Make sure all security programs installed on your computer is up-to-date and are always turned on.
Think before you click on links on a website/email.
Do a Google search for the product name before installing it on your computer.
Do not click on ads that look scary. If the product name is not in the ad, or is trying to provoke fear, never click on it.
Do not open email attachments that you were not expecting.
Be careful while searching for security tools.
Always download programs from its official source.
Have the above security tips in mind when operating your computer systems. Report any cybercrime incident/activity