»

Bogus Security Alerts

May 12th, 2008 | Author: Martin Riley

What Are They?

In my day to day work of consultancy and supporting desktops, I frequently come across the following situation;

While surfing the internet, a user is confronted with a “security alert” or other such warning message on their screen. The message warns the user that their computer is infected with viruses, trojans and spyware, or that it contains registry errors, etc, and prompts the user to download security software that will remedy the situation. The user clicks the ‘OK’ button to download the software because it will protect their computer. Right?…WRONG!!! These messages are 100% bogus and will harm your computer by downloading and installing the very same viruses they’re warning you against.

Unfortunately, this type of scenario is becoming more and more common. The sadistic people who create malware (malicious software) are becoming ever more cunning in the ways they deliver malware from their computers to yours, and the method of choice at the moment seems to be tricking you into thinking that;

  1. There’s a problem with your computer that needs fixing urgently
  2. The software they’re offering will actually help

This kind of trickery is actually quite ingenious because from time to time your computer will display valid warning messages about different things, so computer users who are not very tech-savvy will often be unable to tell the difference. If you fall into this category, help is at hand!

Being the caring and considerate guy that I am, I’ve prepared a list of simple points to take note of so that you can protect yourself from these bogus security alerts.

How To Combat The Threat

1) Purchase security software – I cannot stress enough the importance of having good security software installed on your computer. Ensure that it is from a reputable company, purchase an annual subscription, and keep it up to date. This won’t prevent you from inadvertently clicking a bogus security alert but it will minimise the damage caused if you do.

2) DO NOT click any button on a bogus alert! Not even ‘Cancel’ – Often a bogus alert will present you with two options, ‘OK’ (to download and install the software) and ‘Cancel’ (to quit). Because these alerts are programs created by software engineers, the buttons can be programmed to do anything the engineers want! Even the ‘Cancel’ button! Clicking ‘Cancel’ will most likely do exactly the same thing as clicking ‘OK’.

3) Never click a security alert that appears while you’re surfing – If a security alert appears while your surfing the internet, more often than not, it will be bogus. The alert will be generated by the website itself and may even be designed to look like its coming from your computer rather than the internet.

4) Recognise the kind of sites that bogus alerts may come from – Bogus alerts often come from sites that are saturated with advertising. They may have large animated banners, pop-up messages about competitions or lots of flashing, colourful graphics. They may also offer freebies like desktop icons, animated cursors, mobile phone ringtones, etc.

5) Aggressively close your browser – When confronted with a bogus security alert you should aggressively close your browser. This doesn’t mean you should click the X on the top-right corner of the screen while grinding your teeth and scowling. It means that you should instruct your computer to terminate your browser, rather than instructing your browser to terminate itself (clicking the X button). Why? Because the malware programmers are clever and the latter action can be overridden. Sometimes these malware sites can be programmed to restart your browser (after you’ve closed it by clicking the X button) on the same page where you closed it and display the bogus alert all over again. So the only way to get around this is by aggressively closing your browser. This is how you do it.

Please note that these instructions are for the Microsoft Windows operating system only.

  1. Right-click on the taskbar (the bar that is usually on the bottom of your screen)
  2. On the menu that appears, click ‘Task Manager’
  3. On the next window that appears, click on the ‘Processes’ tab
  4. In the list below the tabs, in the ‘Image Name’ column, locate the process associated with your browser*
  5. Left-click the process to select it
  6. Click the ‘End Process’ button
  7. A warning message will appear. Click OK to confirm that you want to end the process
  8. Your browser may have more than one active process. If so, you should end them all

*If your browser is Internet Explorer the process will be called iexplore.exe. If you use FireFox it will be firefox.exe. Opera – opera.exe, Safari – Safari.exe, Google Chrome – chrome.exe.

I hope you’ve found this guide informative and helpful. Please visit our blog periodically for more interesting news and articles.

Disclaimer

The information in this article is provided without warranty of any kind; either expressed or implied and should only be used as a guide to PC security as opposed to an exhaustive or comprehensive list.

Acknowledgements

Windows™ is a registered trademark of the Microsoft Corporation in the United States and other countries.

Posted in Articles | Tags: , , , , ,

Leave a Reply

Categories

Contact Us | Terms & Conditions | Privacy Policy
Copyright © 2010 Quantum Concepts. All Rights Reserved.