Microsoft Warns of Increases in Rogue Security Software Threats

By now, most of us have seen some form of virus threat. Whether this threat is received via e-mail from a friend who warns us of the latest hacker activity, or it arrives as a pop up message on our monitor warning us that our system may already be infected, it can be an everyday occurrence.

It remains somewhat a mystery why it is so appealing to some to wreak havoc for others, but the latest surge in rogue software solutions available on the market is shining some light as to the benefit these hackers receive from their activities.

The latest and growing trend in the industry now provides significant revenue opportunity for hackers as they hide viruses in fake computer security software in an effort to trick people into installing these damaging programs on machines. Glenn Chapman reported in Yahoo! News that Microsoft (News - Alert) is warning against these threats.

In a security intelligence report issued by Microsoft, the company warns that rogue security software is a growing threat. Hackers are preying on consumer fears of worms such as the infamous Conflicker.

"Rogue security software is the number one threat worldwide," said George Stathakopoulos, general manager of the Trustworthy Computing Group at Microsoft, in the Yahoo! News report. "If you think about the Conflicker case, how many people went looking for a security solution and downloaded rogue malware?"

Also referred to as “scareware”, rogue security software pretends to check computers for viruses and then announces to the owner that it did indeed find viruses present on their system. Referring to these finds as dangerous infections, the software then offers to sell the consumer a program – for a fee – that will fix the problem.

"The rogue software lures them into paying for protection that, unknown to them, is actually malware offering little or no real protection, and is often designed to steal personal information," Microsoft said.

Microsoft reported that two rogue families of scareware were detected in 1.5 million computers. An additional form of scareware was found on 4.4 million computers, representing a rise of 66 percent from the previous six month period.

"That means when users downloaded the software they probably gave away credit card numbers and got infected," Stathakopoulos said. "That's a double hit."

Microsoft expects that scareware infections will sour in the first six months of the year due to the massive hype around Conflicker. What many users may be unaware of is the fact that much of the scare and hype around this threat was generated by the hackers themselves.

The Microsoft report shows that as operating system defenses have improved, cybercriminals have changed their attack to software applications that people use in their online lives. Users are often duped into allowing malicious software onto their systems as a result of fake software updates, security checks or Web pages designed to trap the user and their information.

"We see cybercriminals increasingly going after vulnerabilities in human nature rather than software," said Vinny Gullotto, general manager of the Microsoft Malware Protection Center, in Chapman’s report.

In an effort to thwart activities by hackers, Stathakopoulos urges people to keep computer applications and anti-virus software updated and to be wary of online come-ons by strangers.

"Use a little common sense," he said. "If you browse the Web and someone you never met before is offering you a lot of money, it is probably not a good thing ... You wouldn't buy medicine from people you didn't know."