Commentary: Microsoft can help kill fake antivirus threat

Powered by SC Magazine
 

Redmond should whitelist legitimate security firms.

Earlier this week, Symantec revealed that 42 million fake antivirus applications were downloaded last year.

It seems consumers are being duped into paying between $30 and $100 for software that basically hands full control of their computer over to cybercriminals.

The problem, according to Symantec, is that it's almost impossible for a consumer to tell the difference between a legitimate security application and a fake one. There is also no way of making a blacklist of fake apps because new ones are springing up on a regular basis.

"You really can't tell the difference anymore," said Rob Pregnall, a senior manager of Symantec's endpoint security. "They change all the time. If we could say, 'look for the one with the squiggly face in the top left corner,' it would be different by 11am - they would have changed it."

Below is a screenshot of one fake security warning that appeared on my laptop earlier this year. In this particular case it had virtually no chance of fooling me because it was displaying Windows dialogue boxes and fonts on my MacBook. But as you can see, it is pretty convincing.

Pregnall suggested that users rely on the same 'sixth sense' that helps them differentiate between legitimate emails and spam. Unfortunately, even savvy users are vulnerable to social engineering attacks - and these criminals spread their nets fairly wide so even if they only hook a few fish each time, they make a healthy profit.

Symantec's research claims 42 million fake AV apps were downloaded in 2008 and victims paid between US$30 and US$100 for each one. If we stick to the lowest price point, it means these apps made US$1.26bn!

According to Gartner figures, in terms of revenue alone, the fake antivirus product in 2008 generated more money than Trend Micro (US$938m) and almost as much as McAfee (US$1.47bn). Symantec still towers over the rest with 2008 revenues of almost US$3bn.

I can't help but be impressed by the fake AV makers for being so successful in a market so competitive it has already beaten off the likes of Microsoft, which recently launched a free antivirus application, Microsoft Security Essentials, to replace its unsuccessful OneCare Live product.

A solution

Ironically, I believe Microsoft could save the world from fake security applications by introducing a whitelist for apps from legitimate security firms.

This would mean that Symantec, Trend, AVG, Kaspersky and the rest would have to work with Microsoft to ensure their products were recognised as 'genuine' security applications.

Pregnall agrees whitelists are the future but is under no illusion that the problem will be easy to fix - especially if it means Symantec would have to start playing nice with Microsoft.

"I think the whitelisting argument is going to get considerable consideration in the future. There are obviously huge challenges in resourcing it and with different applications, files, patch updates etc - to keep away annoying alerts.

"However, reputation and whitelisting is definitely part of the way forward," he said.

I asked Microsoft about where it stands on the whitelisting front and about the potential obstacles to developing such a solution but as yet, Redmond has remained silent.

This might be understandable, as the company is preparing to launch Windows 7 tomorrow. I will keep asking them and try to report back to you next week.

In the meantime, I'd love to know what you think. Would whitelisting solve the issue? Is there a better way? How can you tell a fake security app from a real one? Do you care?


Commentary: Microsoft can help kill fake antivirus threat
 
 
 
Top Stories
Australia's digital crescendo
Barely unpacked from his move from Amsterdam, Southern Cross Austereo's new digital boss Vijay Solanki is looking for Australia's untapped potential.
 
Turnbull nabs UK govt digital guru as DTO chief
Inaugural CEO to lead change agenda.
 
NBN to offer TV connections through fibre for greenfields
Ditching aerials to come at a cost.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest articles on BIT Latest Articles from BIT
Xerocon is heading to Melbourne!
Jul 1, 2015
We're not saying Xero is our FAVOURITE or anything, but Xero's 2015 Xerocon conference is being ...
New Microsoft Office apps for Android phones
Jun 26, 2015
Microsoft's latest Office apps for Android now work on phones as well as tablets, further ...
Windows 10 UK price revealed, but don't believe everything you hear
Jun 26, 2015
Windows 10 £99 price tag for users in the UK (who presumably don't already have Win 7 Pro ...
Now Xero notifies iOS users of new transactions
Jun 24, 2015
The latest version of Xero's iPhone app includes notifications when new transactions arrive from ...
Your Essential Cloud Toolbox
Jun 22, 2015
When BIT interviewed Receipt Bank country manager Sophie Hossack, we asked for her thoughts on ...
Latest Comments
Polls
Is site blocking effective in stopping piracy?


   |   View results
Yes
  2%
 
No
  86%
 
Somewhat
  12%
TOTAL VOTES: 740

Vote