Fake antivirus products can be a headache for end-users, but they’re also potentially robbing New Zealand resellers of income.
The AVG Community Powered Threat Report, Q4 2011, highlights the continuing success of fake antivirus products, which has been noted in previous reports as well.
Michael McKinnon, AVG (AU/NZ) security advisor, says the Q4 report in particular highlights the issue. "Resellers could miss out on sales because end users think they are protected because they’re running fake anti-virus software.
"It really highlights the importance of enquiring further as to what your customers are running and making sure what they are using is legitimate.”
While the Community Powered Threat Report is a global report, with no New Zealand breakdown available, McKinnon says ‘there are definitely some cases in New Zealand’.
"Resellers need to build awareness of the issue,” he says. "It’s home and small business users who are affected and it really does affect so many people.”
The report highlights the ‘second-click redirection mechanism’ infection method, which redirects the subject to a fake antivirus scanner that in turn lures him or her into downloading and paying for an antivirus tool to ‘removes’ the fictitious malware.
"Another important aspect of this story is showing that the underworld of cyber crimes is organised,” AVG says. "Malicious websites do not only share traffic, they also share owners.”
McKinnon says New Zealand resellers should also get abreast of the latest issues in mobile security, to ensure they are able to not only advise clients of the products available, but offer practical tips, such as remote wiping and the use of PIN codes.
"Resellers need to be mindful that they are the front line. Resellers have a responsibility, which I think a lot forget, to help ensure people are not being scammed or taken advantage of.”
The Community Powered Threat Report also flags the risks hidden in QR codes, which ‘are being discovered as an ideal way to distribute malware to unsuspecting victims’. McKinnon says a perfect storm is brewing as the convenience of QR codes and the ability to download a mobile app combine with mobile phones already known security flaws.
"Add to that that large brands are starting to use QR codes, providing almost a default trust factor...” he says. "We’re carrying around smartphones that are as powerful as a desktop computer five or six years ago and it’s so easy for users to scan the QR code and unwittingly download malicious applications that can very easily breach their privacy.”
The report says putting a malicious QR code sticker onto existing marketing material or replacing a website’s bona fide QR code with a malicious one could be enough to trick many.
As Yuval Ben-Itzhak, AVG Technologies chief technology officer, says in the report, the convergence between computers and mobile phones applies to malware too.
"As phones become more like computers, so do the risks. Many sophisticated tricks of the trade from computers are now being repurposed for phones. However, as phones are often tied into billing systems the gains can be far greater.”
Other issues highlighted in the report include stolen digital certificates bypassing security on mobile phones and the persistence of rootkits.
Heather Wright is editor of The Channel; go here to subscribe.