Fake Antivirus Software

Beware of Fake Antivirus Software

There is a vast amount of information passing from one device to another on a global scale and this has led to an increased risk of viruses, Trojans, malware, spyware, and other forms of cyber threats. Cybersecurity literacy and hygienic browsing habits are major defense against cyber threats. Many antiviruses have also emerged to protect devices from cyber threats and the awareness on cybersecurity has also evolved, bringing new security techniques.

However, fake or rogue antivirus is one of the prominent methodologies adopted by cybercriminals and hackers to extract money from unsuspecting Internet users. Fake antivirus software typically warns the user that they have various security threats present on their computer and force them to buy applications. In fact, as per Gartner, the annual spending worldwide on security software was US$114 billion in 2018, which was an increase of 12.4% from 2017 [1].

As a line of defense, operating systems (OSs) are offering antivirus and firewall protection as a default feature but what if you want to have robust antivirus that can provide an extra shield of protection? Here is where you need to be more cautious about antivirus products as you may invite a virus into your device in the form of antivirus software. Perplexed? It is true that many antivirus programs are fake and therefore, you need to be more careful while differentiating original and fake products.

What Is Fake Antivirus?

Fake antivirus is a software that masquerades as a legitimate antivirus software, pretending to have found an infection on the system and in most cases, the objective is to scare the victim, but in truth the malicious program can even render your system vulnerable. It also disables legitimate security software, making it challenging to remove the illegitimate software. It is one of the persistent threats on the web today.

How Does Fake Antivirus Work?

When on the Internet, you may come across a pop-up message advertising a new advanced antivirus software. The message or banner is designed in such a way that it appears as “antivirus scanning” or “your system is at risk.” Such messages are sent by fake antivirus manufacturers, disguising their software as an antivirus product. The fake antivirus flashy messages encourage victims to “update,” “remove virus from the system,” or “install a new software.”

Fake or rogue antivirus causes a lot of harm to your computer. This kind of virus is more dangerous to Android users as they exist on the platform for a minimum duration of three years. Sometimes, these programs are so malicious that when you opt to install them to scan your system, they install all malware and make the system vulnerable with multiple viruses in it.

Identifying Fake Antivirus Software

1. More Pop-ups

There is every chance that you may be interrupted by many pop-ups on your window when connected to the Internet. A fake antivirus invites other rogue software on the system.

2. Reduced Internet Speed

Often people with fake antivirus complain of low Internet speed and slow system performance. This is because in the backend it uses the Internet connectivity to install junk malware and that is how the efficiency of the system also decreases gradually.

3. Change of Homepage

The easiest way to know if you have a rogue program installed on your system is when you find that your homepage within the web browser is changed.

4. Directing the Browser

Fake antivirus programs often redirect you to websites to entice the victim to install more malware. It will be a website that looks legitimate at first glance but has tell-tale signs that prove that it is a phishing site.

5. Linking to Undesirable Places

Few rogue software programs also insert links to different words appearing on the browser. These links redirect the user to other illegitimate websites, such as gambling, malware, porn sites, or anything, that will benefit the creators.

Mitigate Fake Antivirus

There are certain ways through which you can avoid installing fake antivirus systems, defined as follows:

1. Eliminate Vulnerabilities

Apply the latest security patches to your OS and all applications, including web browsers, flash player, PDF reader, and any other applications, that are on your computer.

2. Enable Firewall

A firewall, preferably a two-way, ensures dual safety on your local network and Internet. It monitors both incoming and outgoing traffic, giving you an extra shield of security.

3. Configure Settings

Configure your system settings so that your antivirus can automatically perform system updates. The latest updates are released as patches to any past errors or to provide enhanced functionality.

4. Set Exclusion Websites

You can set up exclusion rules to allow predetermined sites and sources for easy navigation. Use antispam, antibanner, and other similar services to keep fake antivirus from your system.

5. Never Click on Pop-ups

Beware of clicking on pop-ups. You can block pop-ups on the browser settings to avoid falling victim to a phishing attack.

6. Pay Attention to Browser Warnings

If your browser displays warnings while trying to visit illegitimate websites, pay attention to the message. Avoid visiting such websites once you receive notification warning about the site.

7. Buy Genuine Products

Always buy genuine security products from legitimate vendors. Make proper investigation about the software and the vendor before deciding on purchase.

8. Avoid Pirated Software

Free pirated software sound enticing but are created not to serve you freely. Their main purpose is to make money by compromising your system or selling your tracked information.

9. Maintain Your Antimalware Defences

Keep your antivirus and internet security software up to date. It’s a good idea to select the “receive automatic updates” option within your security product.

  1. Be Cautious about Search Engine Results
    Avoid clicking on the sponsored links that feature within Internet search results. Sometimes, it’s also advisable to be wary of the top search results.
  2. Type the URL into the Address Bar
    Whenever possible, try to access a website directly—by typing the URL into your browser. It may take a little more time—than clicking on a link that’s been generated by a search engine—but it can be a lot safer.

12. Beware of Web Surfing Dangers

Avoid surfing unknown websites—especially social networks.

  1. Don’t Open Unexpected Attachments
    If you receive an email attachment that you weren’t expecting, it might be dangerous. Don’t open an unknown attachment—unless you can verify that it is genuine and doesn’t contain any malware.

14. Think about that Link … Before You Click It

Don’t click on random links in emails or instant messaging—or links on social networking sites.

15. Use Built-in Antivirus

Leverage native in built features, such as Windows Firewall and Microsoft Defender AV, which is inbuilt in Windows, Linux, and Mac OSs.

As more and more people are connected to the Internet and are becoming aware of the growing cyber threats, the need for security products and services increases. The requirement for cybersecurity talent is also on the rise and many companies are looking for certified professionals. EC-Council is a leading cybersecurity credentialing body and among its many programs, it also offers Certified Ethical Hacker (C|EH) program. This program gives you the knowledge of required methodologies that an ethical hacker is bound to know. For more information on the C|EH program, visit our website.

Becoming an Ethical Hacker on your checklist?

Make sure you choose the right pathway for your career progression!


[1] https://www.forbes.com/sites/rogeraitken/2018/08/19/global-information-security-spending-to-exceed-124b-in-2019-privacy-concerns-driving-demand/#1fc4461b7112

Editor's Note:
Reviewed by Abbas Kudrati, Chief Cyber Security Officer at Microsoft and Akashdeep Bhardwaj, Head of Cyber Security Operations (India) at British Telecom Security.
get certified from ec-council
Write for Us