Scareware

I used to have an almost unhealthy obsession with computer viruses and hacking. The bookcase in our (currently) spare room is testament to this. I would have preferred to read one of these tomes to something fictitious.

OH has recently written about being “the guy who’s good with computers” over on his blog. He mentions one of the recent fixing jobs he’s done and questions the user’s ability with a computer. You see, not so long ago it used to be the case that in order for a virus, RAT (remote access tool) or home page hijacker to get on to your (mostly Windows) machine you would have to click on agree on some dodgy webpage. Mostly anyway. There were exceptions. The only exception that I had any direct contact with was Conficker. The point is that scareware is now coming to us via XSS (cross-site scripting) on websites and is landing on our machines via ads on a legitimate page. They don’t ask to be installed, they just do it.

Now, this is not a user blindly clicking on agree, so questioning their clicking fingers when it comes to this type of infection is pointless. Before I went on maternity leave, I saw a lot of examples of this new breed of virus creeping onto PCs. The idea is an oldie but a goodie.

The scareware infiltrates your system then pops up advising that you have a virus. It also switches off any genuine anti-virus applications. If you attempt to run any diagnostic tools, you’ll be notified they are also infected. It will then prompt you to pay around £40-£50 to remove the multiple infections on your machine. As most end users are aware of the dangers of getting viruses on their machines, they panic, thinking that they are indeed infected by these 40 or so viruses that the scareware has picked up and will lose their data. It’s this that prompts a purchase and the scareware has won. These infections can be cleaned but they are not easy to get rid of and a complete reinstall is often quicker than trying to recover the system and remove all traces. The most recently infected machine I have seen required a return to factory settings.

Although (as far as I was aware and this may be incorrect as a further component may have been added) this breed of malware doesn’t intend to harm the machine (the basic premise is social engineering in order to extort) it normally does end up with a loss of data. Or at least internet favourites. So, it’s no longer the case that you have to click on something you shouldn’t to get infected but more a case of not being aware of a genuine virus warning.
