We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

Web of deceit

It was news to us: a review on the PC Advisor website no one in the office had seen before, praising an application we knew to be malware, and with our own star ratings awarding the software full marks.

But after looking at the evidence in detail - a screenshot we were presented with by a security researcher - it was clear the website address was not PC Advisor's and the words on the screen had been doctored. Welcome to the world of fake software reviews.

Fear not, because the ‘review' in question didn't actually appear on our site, and only a limited number of people will ever see it - those with PCs already infected by one of a number of dodgy ‘antivirus' apps that dupe users into paying to remove innocuous or non-existent software problems.

Many of these tools - which go under a variety of guises, including Anti-virus 2010, Antivirus-1 and Antivirus XP - use pop-up alerts on websites to convince users that their PCs have security problems that can only be solved by the product in question. Once they're installed, these apps pester you with a constant stream of nuisance alerts warning you that your computer is at risk.

Such applications have been doing the rounds for a couple of years, but recent events have made this type of scam even more convincing. When some versions are installed, they add a series of entries into the Windows hosts file that direct users to pre-defined URLs. Then, when diligent downloaders head to the web for third-party reviews of the application, they're directed to glowing reviews written by the malware developers on copycat sites, specifically set up to mimic those operated by the UK's most respected technology magazines.

A closer look at the web address usually gives the game away - while the rogue site's design closely resembles that of the real thing, the URL is slightly different. But if you don't know what to look for, it's easy to get conned.

If the security of your PC wasn't at risk you might well marvel at the ingenuity of it all, but the reality is that this scam is just the latest example of how tricksters have become more creative in their attempts to attack your system.

Installing security software and ensuring it's up to date is no longer sufficient; many of the most recent attacks prey on human rather than software vulnerabilities. They use social engineering and other sophisticated tricks to convince you that you're getting a good deal, while surreptitiously loading your PC with malware or emptying your bank account. Even those of us who are naturally suspicious of free downloads, keep a close eye on the suitability of the websites we visit and ensure our PCs are scanned by antispyware software on a daily basis can easily get caught out by 2009's most inventive security traps.

New web threats

So it pays to stay one step ahead of the scammers. As well as rogue antivirus programs, this month's cover feature looks at the latest online banking threats, social-networking swindles and phishing attacks. Plus, we tackle the newest Windows weaknesses and more, showing you how to stop the 25 hottest security threats of the moment. Pick up a copy of our June issue to ensure you don't become one of the thousands who get caught out every day, on sale now.

IDG UK Sites

5 things we want to see in Android M: New features and fixes

IDG UK Sites

iPad mini 3 release date rumours: 'iPad mini Air' will be 30 percent thinner than current model

IDG UK Sites

Introducing generation tech

IDG UK Sites

This animated film reveals the importance of designing for everyone