Commentary: Microsoft can help kill fake antivirus threat

Powered by SC Magazine
 

Redmond should whitelist legitimate security firms.

Earlier this week, Symantec revealed that 42 million fake antivirus applications were downloaded last year.

It seems consumers are being duped into paying between $30 and $100 for software that basically hands full control of their computer over to cybercriminals.

The problem, according to Symantec, is that it's almost impossible for a consumer to tell the difference between a legitimate security application and a fake one. There is also no way of making a blacklist of fake apps because new ones are springing up on a regular basis.

"You really can't tell the difference anymore," said Rob Pregnall, a senior manager of Symantec's endpoint security. "They change all the time. If we could say, 'look for the one with the squiggly face in the top left corner,' it would be different by 11am - they would have changed it."

Below is a screenshot of one fake security warning that appeared on my laptop earlier this year. In this particular case it had virtually no chance of fooling me because it was displaying Windows dialogue boxes and fonts on my MacBook. But as you can see, it is pretty convincing.

Pregnall suggested that users rely on the same 'sixth sense' that helps them differentiate between legitimate emails and spam. Unfortunately, even savvy users are vulnerable to social engineering attacks - and these criminals spread their nets fairly wide so even if they only hook a few fish each time, they make a healthy profit.

Symantec's research claims 42 million fake AV apps were downloaded in 2008 and victims paid between US$30 and US$100 for each one. If we stick to the lowest price point, it means these apps made US$1.26bn!

According to Gartner figures, in terms of revenue alone, the fake antivirus product in 2008 generated more money than Trend Micro (US$938m) and almost as much as McAfee (US$1.47bn). Symantec still towers over the rest with 2008 revenues of almost US$3bn.

I can't help but be impressed by the fake AV makers for being so successful in a market so competitive it has already beaten off the likes of Microsoft, which recently launched a free antivirus application, Microsoft Security Essentials, to replace its unsuccessful OneCare Live product.

A solution

Ironically, I believe Microsoft could save the world from fake security applications by introducing a whitelist for apps from legitimate security firms.

This would mean that Symantec, Trend, AVG, Kaspersky and the rest would have to work with Microsoft to ensure their products were recognised as 'genuine' security applications.

Pregnall agrees whitelists are the future but is under no illusion that the problem will be easy to fix - especially if it means Symantec would have to start playing nice with Microsoft.

"I think the whitelisting argument is going to get considerable consideration in the future. There are obviously huge challenges in resourcing it and with different applications, files, patch updates etc - to keep away annoying alerts.

"However, reputation and whitelisting is definitely part of the way forward," he said.

I asked Microsoft about where it stands on the whitelisting front and about the potential obstacles to developing such a solution but as yet, Redmond has remained silent.

This might be understandable, as the company is preparing to launch Windows 7 tomorrow. I will keep asking them and try to report back to you next week.

In the meantime, I'd love to know what you think. Would whitelisting solve the issue? Is there a better way? How can you tell a fake security app from a real one? Do you care?


Commentary: Microsoft can help kill fake antivirus threat
 
 
 
Top Stories
NSW to build its own myGov
Service NSW digital profiles available by September.
 
Android bug leaves a billion phones open to attack
Hackers only need phone number to target devices.
 
Australia's leaders agree to end GST-free online goods
Gerry Harvey may finally get his way.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest articles on BIT Latest Articles from BIT
Windows 10 is here! (For some)
Jul 29, 2015
Delivery of the free upgrade versions of Windows 10 began today - have you got yours yet?
Microsoft reveals Microsoft Send, a new enterprise chat app to rival Slack
Jul 27, 2015
Microsoft Send is MSN Messenger for grownups, and you could be using it at work very soon
Developers offered $500,000 grants to find HoloLens uses
Jul 8, 2015
Can augmented-reality end up in business?
Microsoft Tossup: The planning app for unorganised groups of friends
Jul 8, 2015
App allows friends to research venues, vote on plans and chat. And depending on how you run your ...
Windows 10 drops 29 July... but only for some
Jul 6, 2015
If you've reserved your copy of Windows 10 and are keenly awaiting its 29 July release, don't ...
Latest Comments
Polls
Should law enforcement be able to buy and use exploits?



   |   View results
Yes
  13%
 
No
  51%
 
Only in special circumstances
  17%
 
Yes, but with more transparency
  19%
TOTAL VOTES: 714

Vote