Given their financial motivations, the distributors of rogue security software scams need to reach a large number of potential victims. Getting the program onto a victim’s computer is a critical step in these scams, and the scammers use a variety of techniques to do so. While some rogue security software programs rely on just a few specific techniques to achieve this, many of them incorporate multiple techniques to improve the odds of success. The distribution techniques for rogue security software programs can be simplified into two groups: installation methods and advertising methods.
The installation methods for rogue security software can be either intentional or unintentional. Scammers who persuade victims that they need the rogue software to address security concerns lure the victims into downloading the software intentionally. This is a common approach to rogue security software installation that was used by 93 percent of the top rogue security...
A driving force behind the growing speed and efficiency of malicious code development is the demand for goods and services that facilitate online fraud. This is demonstrated by the flourishing profitability of confidential information sales in the online underground economy. For example, one person who was arrested for computer-related credit card fraud in 2008 was in possession of a condominium, a luxury vehicle, and over 1.6 million dollars in cash, among other valuable goods, all of which were presumably obtained by fraudulent means.
Malicious code that exposes confidential information is of particular value because the information is critical to several illegal practices, such as identity theft and credit card fraud. In many instances, well-organized programmers are developing this code on a large scale, much as development occurs in a legitimate software enterprise. The confidential information obtained by the malicious code is then used for fraud or advertised for...
One topic of discussion in the recently released Symantec Report on the Underground Economy is software piracy. Software piracy occurs primarily in two basic forms: physical counterfeiting and file sharing. Counterfeiters create unauthorized physical copies of software intended for sale as legitimate products (though often the attempt to create a realistic valid copy is minimal). The motivation of counterfeiters is typically financial gain, and customers who know that the software is counterfeit are likely trying to save money. In contrast, piracy by means of file sharing—whether by copying a disc for a friend, uploading files using a peer-to-peer (P2P) application, or some other means—is not typically profitable for the people who share the files. The advent of rapid P2P file-sharing protocols has provided a readily available means for people to distribute and obtain...