We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Microsoft takes legal action against scareware

Fake antivirus 'malvertisers' targeted

Microsoft is starting legal preceedings against five companies it claims has tricked web users into installing malicious software on their PCs.

The company is suing DirectAd Solutions, Soft Solutions, qiweroqw.com, ote2008.info and ITmeter, saying that these companies have used ads to "distribute malicious software or present deceptive websites that peddled scareware to unsuspecting internet users," said Tim Cranton, associate general counsel with Microsoft, in a blog.

Scareware is malicious or ineffective software. It's so named because buyers are usually scared into buying it with fake messages that tell them that their computer has been infected. These products have been around for years, but in the past few months they've become a major problem.

Over the weekend, The New York Times was tricked into running a scareware ad on its site by scammers pretending to be with Vonage, a legitimate telecommunications company.

But scareware ads are popping up everywhere these days, security experts say.

"These guys have decided to go full-court press on this, because it's obviously very profitable," said Paul Ferguson, a researcher with antivirus vendor Trend Micro.

The scareware scam

Typically, when a scareware advert pops up on a victim's screen, it looks like a Windows utility running some kind of security scan.

It will then warn that it has found a critical security problem and direct the victim to a website where they can buy a product to fix the issue.

When the victim pays, the scammers then deliver useless or even malicious software. Often, they also use the victim's credit card number for further fraud or try to hack into the machine.

In addition to pushing malicious ads, these scammers have also been poisoning Google search results lately. To do this, they keep track of hot search topics and then use search engine optimisation techniques - using software to create a bunch of links to their malicious pages - so that their pages come up first in search results.

When the victim clicks on the fake search result, they're taken to a web site that pops up the fake scareware system scan. Recently, they've hijacked search results relating to a number of celebrities including actor Patrick Swayze, who died earlier this week.

Microsoft's lawsuits are so-called John Doe suits, meaning the company does not know who is behind these companies but hopes to discover the perpetrators as it continues to investigate.

Nevertheless, Cranton wrote that Microsoft hopes that the "filings will help deter malvertising in the future".

Broadband speed test

PC security advice

See also: Security vendors team up against fake antivirus

IDG UK Sites

LG G4 launch live blog: What to expect from the LG G4 launch

IDG UK Sites

Apple Watch release day: Twitter reacts

IDG UK Sites

Doctor Who scoops VFX gong at BAFTA TV Craft Awards

IDG UK Sites

Apple Watch buying guide, price list & where to buy today: Which Apple Watch model, size, material,?......