Video Screencast Help
Security Response

Back to Basics with Fake AV

Created: 30 Mar 2010 10:15:31 GMT • Updated: 23 Jan 2014 18:28:35 GMT
Henry Bell's picture
+8 10 Votes
Login to vote

We’ve been seeing Fake AV programs getting more convincing for a while now. Some of the tricks employed by the guys behind these rogue programs include Windows-7-style fake scanners, in-browser “scanners”, and program features that ape other aspects of the operating system.

Yesterday, though, we came across a misleading application called AntiVirusDemoFraud that is—how to say?—possibly a little less sophisticated than some in terms of user interface design.


 
Obvious in the screenshots are the familiar misleading application hallmarks, such as fake detection names, dire warnings as to what the “threats” are capable of, and buttons to pay to register the program and remove the threats. Notable are the errors in spelling and grammar, the “dotted tri” IP address, and the frankly amateurish interface. Don’t give up your day jobs folks.