So-called scareware scams, which attempt mislead users into believing that their PC is infected with some form of computer virus or spyware before encouraging them to download or purchase software that claims to fix the problem, have seen a resurgence in 2009, escalating the issue into one of the biggest concerns for the IT security industry. This has prompted the FBI to issue a warning ahead of the Christmas period, typically the biggest time of year for PC and software sales.

“The scareware is intimidating to most users and extremely aggressive in its attempt to lure the user into purchasing the rogue software that will allegedly remove the viruses from their computer,” the note stated.

“Downloading the software could result in viruses, Trojans and/or keyloggers being installed on the user’s computer. The repercussions of downloading the malicious software could prove further financial loss to the victim due to computer repair, as well as cost to the user and/or financial institutions due to identity theft.”

The FBI estimated that losses through scareware have already reached $150m and is advising users to keep up to date with operating system patches and antivirus software. It is also advising users to familiarise themselves with the names of legitimate security software so they are able to spot the fake brands. Microsoft’s Checkmark Gold certification is considered to be one of the trusted signs of both quality and legitimacy.

“If a user receives these anti-virus pop-ups, it is recommended to close the browser or shut the system down,” said the note.

“It is suggested that the user run a full, anti-virus scan whenever the computer is turned back on.”

Virus Bulletin claimed that its latest round of spam tests suggested that antivirus software developers could provide better protection for computer users if they were to work together to create antivirus software that adequately protects users from the threats of spam.

The firm claimed that by combining the anti-spam filters of five or more of the products during its latest test, a “hypothetical” spam filter could be created with a 99.89% catch rate with “virtually” no false-positive identifications.

Antivirus software vendors often collaborate when developing antivirus software updates in order to protect users from new and emerging threats but there is currently no such co-operation in the anti-spam market. It’s believed that these findings by VB could lead to more collaboration in the future.

“For end-users this means that if spam filtering is business-critical, the use of more than one spam filter may be a good option,” said anti-spam test director Martijn Grooten.

“The anti-spam industry, meanwhile, should consider the benefits of collaboration and information sharing, and might be better able to protect our inboxes as a result.”

K7 Total Security has been awarded the VB100 award by Virus Bulletin, meaning that it passes their stringent, industry recognised antivirus software tests.

The site, which reviews consumer gadgets and upcoming technology developments, was temporarily hosting advertisements which were infected with malware and fake antivirus software earlier this week after falling victim to what was described as an “elaborate scam”.

“Guys, I’m really sorry but we had some malware running on our site in ad boxes for a little while last week on Suzuki ads,” Gizmodo’s editorial director, Brian Lam told readers in a blog post.

“They somehow fooled our ad sales team through an elaborate scam. It’s taken care of now, and only a few people should have been affected, but this isn’t something we take lightly as writers, editors and tech geeks.”

He urged readers, particularly though who thought that they may have been affected, to update their antivirus software in order to minimise the risk to their PC and privacy.

“Be careful, load up some antivirus and make sure your system is clean.”

It is not the first time that online advertising has been the target of malware attacks, with major publications proving to be a particular target.

Back in September, the website of the New York Times recently suffered a similar attack, in which users clicking on a box advertising antivirus software found their PCs infected with viruses and malicious software.

Bogus programs that attempt to pass themselves off as genuine forms of antivirus software have become one of the biggest concern areas for genuine security software developers, with research by Anti-Phishing Working Group (APWG) claiming that they have detected around 485,000 examples in the first six months of 2009, more than five times the total for the whole of 2008.

The problem has grown in recent years as scammers look for alternative means of targeting potential victims with spam, malware and phishing scams. The shift has come because more traditional methods that were previously used are now proving less successful, due to developments in genuine antivirus software programmes, which now include anti-spam and phishing features.

Researchers claimed that the increase is partly due to developments in the way that rouge software can infiltrate a PC, which makes it difficult for some forms of antivirus software to detect. In addition, in the majority of cases in which fake software has infected a system, it has done so because a user has unwittingly initiated the installation themselves.

“The primary reason for the creation of so many variants is to avoid signature-based detection by legitimate antivirus programs,” claimed APWG member Luis Corrons in the report.

“The use of behavioural analysis is of limited use in this type of malware because the programs themselves do not act maliciously on computers, other than displaying false information.”

The report also suggested that the increase can partly be attributed to improved detection methods, the size of the increase gives an indication as to the true scale of the problem.

According to data acquired under the Freedom of Information Act, which allows the public to request access to information deemed to be in the public interest, by More4 News, more than 8,000 viruses got through NHS security systems last year, with 12 incidents affecting clinical departments and impacting on patient care.

Problems included appointments being cancelled without warning, with patients having to be turned from one hospital in Scotland for clinical appointments.

The Royal London and London Chest Hospital were also hit, with patient administration services badly affected.

A number of NHS trusts conceded that their networks were attacked because antivirus software was turned off or not properly implemented.

Hospitals in the Grampian, Isle of Wight, Basingstoke & North Hampshire, Newcastle, Poole, Bradford Teaching Hospitals and Leeds Teaching Hospitals trusts were also badly affected.

In Sheffield, a total of 800 PCs were infected after just one computer in an operating theatre had its antivirus software switched off.

The statistics include the number of cases where health systems were hit by the Conficker virus, a worm which hit a number of government, medical and military systems around the world.

The NHS defended its IT policies, claiming: “Electronic patient records systems are protected by the highest levels of access controls and other security measures. These levels of security are far higher than any which can be imposed on access to paper records or the majority of local NHS IT solutions.”

The attack emerged after a large surge in the number of “tweets” (messages posted by users) directing people to a “Best Video” supposedly hosted on YouTube. In reality, the messages linked to a PDF document designed to infect unsecured versions of Adobe Reader. Victims then received an urgent message reading; “Warning! You’re in Danger! Your Computer is infected with Spyware!”

Users were then directed to a software window titled “System Security” that claimed to clean their PC system and remove traces of spyware.

Experts believe that the attack is the first known “for profit” attack to have been launched on Twitter although it far from the first security threat to have been launched on the site.

Previous attacks have included worms that repeat a phrase or link over and over by tricking users to click on links that automatically leave a post. As more posts are generated, more and more Twitter users are bombarded with the malicious links. One such worm landed its creator, 17-year-old Michael Mooney from New York, a lucrative job with a software development company.

Twitter have claimed that the problem had been contained after temporarily suspending accounts that had been compromised. No confidential information was intercepted, they added.

To celebrate the milestone, K7 Computing will enter any new customer who purchases a copy K7 TotalSecurity through retail and channel partners in India into a draw to win a fantastic four day, three night trip to Bangkok and Pattaya.

To enter our Buy, Register and Fly competition, simply register your new copy of K7 TotalSecurity and write a brief slogan about your new software at www.k7computing.com/bnp.

One winner will be chosen every day between now and July 31 2009 so make sure that you don’t miss out on this fantastic prize.

It’s little wonder why nine million people around the world have put their trust in TotalSecurity, the award-winning antivirus software from K7 Computing.

With round-the-clock protection against latest internet security threats, advanced scanning technology and regular automatic updates, K7 TotalSecurity monitors and protects PCs from worms, viruses, trojans, spyware, adware, spam and hacker attacks.

S. Srinivasan, Senior Vice-President, Sales & Marketing of K7 Computing, said, “Over and above the value for money our brand delivers, the chance to win fully paid holiday package to Bangkok & Pattaya is aimed at thanking our customers for their patronage. Bangkok is a great destination, providing for complete relaxation coupled with affordable shopping and we believe our customers will have a memorable time,” he added.

Terms and conditions apply. See http://www.k7computing.com/bnp for more information.

Research by price comparison site moneysupermarket.com revealed that 24% of British PC users have been the victim of a computer security breach despite 95% of those surveyed claiming to have antivirus software already installed on their PC.

Of those who have suffered an attack, 39% described the assault as causing a “major disruption” to their system whilst a further 10% described their attack as “deadly”, rendering their computer unusable.

One in twenty claimed that personal information had been stolen as a result of a malicious attack.

The type of content being viewed by users also appeared to have an effect, with almost one in 10 of those surveyed believing that the attack occurred after accessing an “adult” website.

A fifth of people believed that their virus attack came from general surfing and one in eight from opening unknown files or attachments.

Young males were the most likely group to be victim to a malicious attack, with 38% of those under 20 and 30% of under-20s admitting to experiencing virus problems on their computers.

“People need to be more aware of security threats than ever before,” said James Parker, manager of broadband at moneysupermarket.com.

“Most people use some of their personal details online – whether through internet banking or online shopping – and it’s vital that people take appropriate steps to protect this information and themselves.”

The company recommended that users take greater care over their personal details and email attachments, as well as ensuring that their antivirus software is kept up-to-date.

Around 800 computers at the university’s hospital and medical school have been affected by the virus outbreak although patient records are said to be unaffected.

The outbreak, which was first noted on Thursday, was said to be still active on Monday but a spokesperson claimed that IT staff had managed to “contain” the virus, even though there were a number of cases in which the virus had returned to a computer even after it had been removed.

The outbreak comes after security experts noticed an increase in the virus’ activity in the past week, with a new version of the worm now appearing to be active.

The virus, also known as Downadup or Kido, had been expected to update itself on April 1 although no increase in activity was reported.

Although analysis has yet to confirm what the virus actually does, it is widely believed that the update will install a “rootkit” into Window’s PCs which will then be used to steal valuable user details, such as credit card or online banking login details.

There is also evidence to suggest that Conficker is also promoting the sale of fake antivirus software, known as Spyware Protect 2009.

If you believe that your PC has been infected by the Conficker virus, you can get a free system check from the University of Bonn. If you’re PC has been infected, download the K7 Computing Conficker removal tool. Microsoft has also issued a guide on the virus.

To prevent your PC from becoming infected, please download the latest antivirus software update.

Despite a record number of sites were closed down by authorities in the US last year for distributing so-called “scareware”, experts have warned that the growth in the number of websites distributing malicious programs disguised as legitimate software poses a major threat to both home and business PC users.

The malicious sites often entice users into downloading what appears to be legitimate software that claims to remove adware, spyware and other forms of malware from a user’s PC. Any user who downloads the software then finds that they are exposed to further security risks.

Matthew Woolley, chairman of the Independent Trade Association of Computer Specialists, which represents independent computer retail and repair shops across Britain, said hackers were playing on people’s fear.

“At my repair shop in Lincoln alone, we’ve had more than 300 users in the past six months come in with a computer infected with fake anti-virus software,” he told the BBC.

“This week, we’ve seen fake anti-virus that was so good, one of my engineers was convinced that it was the real thing,” said Mr Woolley.

“If we can’t tell, what hope is there for Joe Public?”

The strategy is just one of a number of new tactics being used by hackers and scammers to lure would-be victims.

In early February, 2009, hackers put fake parking tickets on cars with a web link directing them to “view pictures with information about your parking violation” that then downloaded a Trojan to then prompt the user to install fake anti-virus software.

And last weekend, a Facebook application that spread virally among users caused an error message for Facebook users.

The advice for users is to only buy antivirus software from reputable sources. Always purchase software directly from the manufacturer’s own website or a trusted software reseller, rather than pop-up messages.