Aug 20, 2011
tom

Fake alert viruses – Warning to users

Question

I’ve had a lot of employees lately come to me with issues on their home PCs where they have had Fake Alert/Rogue viruses. I was planning on sending out a warning to users explaining to them that these are actually viruses. I was also planning on informing them that in order to help prevent occurrences like this they should be sure to have an antivirus w ith an up-to-date subscription. I’d also recommend if they don’t have a subscription to download MSE or another free antivirus.

However, I wasn’t sure exactly how to instruct them to differentiate between a legitimate windows or antivirus alert and one from a fakealert program. Does anybody have any suggestions?

UPDATE

This is the message I ended up sending. I figured I should probably stay away from even mentioning their personal computers.. mostly to avoid requests to fix them. However, by sending this message, they will at least be slightly more aware of fake alert viruses out there.

Over the last year, there have been an increasing number of computer viruses spreading that actually pretend to be antivirus software. These viruses very closely mimic legitimate windows and mac software, so it can be hard to tell whether or not virus warnings that appear on your screen are legitimate or not.

While we do have virus protection on company computers, it is still possible to get a virus by simply visiting a website… even reputable ones. If you ever have a popup that tells you that you have multiple viruses and that you need to scan your computer immediately (or do anything else), please shutdown your computer by holding down the power button until the screen turns black and contact the IT staff immediately. If you aren’t sure whether a message is genuine or not, please contact us immediately as well.

Below are some images of some of the more popular “fake alert” viruses out there.

My Computer Online Scan

Antivirus 2010

41 Infections Found

Antimalware

Antimalware

Answer

You really can’t. Users don’t care enough to delve into the topic of viruses, trojans, malware, etc…

The best you can do is have them run an up-to-date AV (AVG, MSE, etc.) along with a couple tools (with updates applied frequently) of anti-malware programs like Spybot Search and Destroy and AdAware.

Warn them also that multiple AV installed don’t play nicely.

Last, be careful how far you go in playing sysadmin to home user system. You may end up taking responsibility for their home computer issues, and if you’re not making it clear that this isn’t pro-bono work you may be held responsible for fixes and updates (and BROKEN SOFTWARE PROBLEMS) that you and your advice may have had absolutely no connection to, but to the users…it’s all “computer stuff”, they did what you said to do, so it’s your fault.

Trying to be the nice guy has backfired on people I know more than once…so be careful to qualify your advice with disclaimers.

I’d otherwise just tell them to keep scanning their system and keep anti-malware up to day, and whenever something pops up (or do it once a week) run the manual checks with spybot/adaware in addition to the on-access antivirus. NO ANTIVIRUS WORKS 100%. They need to know that.

Related posts:

  1. Need help controlling viruses
  2. Malware vs Viruses
  3. Avoiding viruses 101
  4. Dedicated Server hit with viruses
  5. Will segmenting wi-fi SSIDs limit the spread of viruses, trojans and the like?

Leave a comment