Rogue security threats in small business and how to deal with it

Filed under Your Articles

An emerging threat for standalone computers is known as scareware, and otherwise known as rogue software, pretending to be an antivirus program. Once it launches onto your system it quickly spreads to take over the system and is known to disable many major AV programs with ease.

The reason why your favourite AV program does not detect this threat is because it is not a virus, it's a program. It will launch on the desktop of the infected PC and start scanning for threats. The list of threats you see being reported are false. The program then asks for a payment to remove these threats. It is more like extortion or a protection racket because some affected users can have the rogue program removed by the writer of the program after paying the fee.

If the rogue program is ignored it becomes destructive in a short amount of time and will lock the user out of the system and may damage the boot sector making data recovery difficult. In our daily work at PC repairs Perth we are seeing a lot more of this type of rogue application. After removing it we often discover the trojan downloader which facilitated its deployment.

The program looks genuine, often similar to a Microsoft AV product. According to the Federal Trade Commission in the US it is made in the Ukraine by computer science students and the coded program is deployed by scammers in other countries.

Our preferred program to remove this rogue is Malwarebytes. This is an effective solution that is free from and will need to be run in safe mode. If you have caught the rogue early enough this is all you need to do.

Rogue programs use social networking sites and phony links, but they can also be downloaded by popular small business websites (such as baby wear or toys) that have been hacked. Remember, if you visit a site and then see a pop up window asking for a permissions request, you should be suspicious.