Barely a day goes by without a PC-security scare story making the news. Attacks such as Conficker, Zeus and Koobface or social-engineering scams such as fake antivirus software provide a constant reminder of the various ways our computers can become compromised.
While these attacks differ in the ways they target PCs, what connects them is the level of sophistication behind the scenes. Software developer Panda Security told us that 52 percent of the malware it sees has a life expectancy of less than 24 hrs, so the successful malware writers have to be increasingly innovative to get their creations on to your PC, or your personal data off it.
That's particularly true of those behind rogue security applications - a growing menace that's getting more aggressive each month. The scam usually starts as a pop-up advertisement that looks like a virus scan. Once the ‘scan' is complete, various ‘threats' on your PC are flagged up, and the software claims your only course of action is to pull out your credit card and pay to remove them. However, once you've paid to install the apparently legitimate software, it'll install a range of viruses, Trojans and keyloggers.
This sort of attack is incredibly cunning, but it's what goes on behind the scenes that will fascinate those intrigued by the cybercriminal underworld. The software code that drives rogue antivirus and other attacks can be bought off the shelves at one of a number of ‘malware flea markets' on the internet. Shadowy pushers of Trojan downloaders and tools for evading detection use these sites to bargain with thousands of opportunists willing to compromise your computer for a fee. Once your PC has been successfully breached, attackers can open the floodgates to spam, malware, fake antivirus programs or ID-stealing software.
Computers in the US are the most valuable targets, according to a recent report in Network World, with hackers earning $140 for every 1,000 PCs they compromise. Worryingly, UK machines also attract a premium. Hackers earn $100 per 1,000 computers here, $60 in Italy, $30 in France and $6 in Asia.
The revenues for those behind cybercrime are huge - the FBI estimates that rogue antivirus scams have netted their perpetrators $150m, and that pales in comparison to the money accumulated by banking fraud enabled by ID theft, or even by stock market scams instigated by spam emails touting penny stocks. In short, your computer, email address and identity are worth real money.
But the antivirus software market is worth even more. More than a billion PCs are in use worldwide and the bulk of them are running antivirus software. Freebies such as AVG Free and, more recently, Microsoft Security Essentials provide a basic level of protection, but PC enthusiasts know that not all antivirus products are created equal. Furthermore, the capabilities of each product change every year; last year's top dog might not be able to fend off this year's attacks quite as effectively.
PC Advisor constantly analyses the prime contenders, and in our March issue we look at 2010's round of releases. We've rigorously evaluated the top 10 security vendors' products, using hundreds of thousands of malware samples and the latest heuristic tests. Pick up a copy of the March issue, on sale today, to read the full low-down, and you can have confidence in your computer's defences the next time a PC security scandal hits the headlines.