/ Technology

Buying expensive anti-virus software won’t stop cybercrime

A new report has unearthed something we’ve known about for some time, namely that spending a lot of money on anti-virus solutions is a waste of money and not necessarily the best way to tackle cybercrime.

A report by Cambridge University reveals that the UK is spending £640m per year trying to prevent or clean-up cybercrime threats. And almost £110m of that is being spent on anti-virus software, whereas only £10m is on actual law enforcement.

The study suggests that although cybercriminals are only pulling in a few tens of pounds from every Brit per year, the indirect costs of buying anti-virus software come to much more.

It concludes that more money should be spent on law enforcement, rather than encouraging people to buy anti-virus software, as lead author Professor Ross Anderson told the BBC:

‘A small number of gangs lie behind many incidents and locking them up would be far more effective than telling the public to fit an anti-phishing toolbar or purchase anti-virus software.’

The study echoes some of our previous reports, which show free anti-virus solutions are often just as effective as paid-for ones.

Focus on cybercrime

The report also argues that the government should spend less on monitoring phone and email communications, a policy disapproved of by privacy campaigners.

It comes at a time when the government is reportedly looking to spend £1.8 billion on implementing its Communications Data Bill. Under the proposals, the authorities will be able to access information such as the headers of emails you’ve sent and also the websites you’ve visited. I agree with Professor Anderson – this is money that could be better spent elsewhere. But where?

Security boundaries are blurring

The report recommends redirecting some of these vast sums of money towards improving consumer protection legislation for victims of credit card fraud, pointing out that the Netherlands, Finland and Ireland, already provide much stronger protection.

It’s a wise suggestion. However, the line between malware – such as viruses and trojans – and financial fraud blurred some time ago. Putting money in this pot or that pot isn’t the way to tackle online crime. There needs to be a multi-pronged attack whereby consumers are educated and know the value of installing free anti-virus software and keeping it updated.

A £650 million investment from the Cabinet Office to fund cyber-specialists in police forces across the country will help, too. Hopefully, then if people do fall victim to cybercrimes they’ll have an expert to whom they can report it. Something I believe is long overdue.


It’s probably true that much more needs to be spent on law enforcement, but equally it’s the same debate about having better locks and a burglar alarm on your house or more police on the streets (you do both). Tackling cybercrime in all it’s forms is an expensive and complex business and free security packages still depend on firms having resources (through subscriptions) to finance the detection, research and tackling of new threats as they crop up on a daily basis across a growing number of different platforms.

In truth you don’t have to spend massive amounts on what I would describe as a “Joined-up” security package (firewall/malware/email/site safety) if you shop around on Amazon or use some of the offers you find in computer magazines (making sure you read the reviews first!) – it is however worthwhile in my experience.

Brian Elwin Pomeroy says:
19 June 2012

The money is the key. The officials want everybody to be fighting; setting up firewalls so others are challenged to ‘out-smart’ the wall. This is how knowledge and or new ideas are born. That is just the way it is. Read your contracts, check your coverage in case of attack. I have a credit card with a three hundred limit for playing on the internet. Submit your tricks.

Two points:

1. Why pay money for anti-virus utilities when there are perfectly good free options for this? On Windows, Microsoft Security Essentials does the job – OK, it’s a ‘no-frills’ anti-virus, so you dont get anything else, but what else do you need? Similarly, on Mac there are good free options, including iAntiVirus and Sophos.

2. The law enforcement issue is an interesting idea, but you have to ask, WHOSE law enforcement. Most spam, phishing activities, viruses, worms et al, originate from other countries beyond UK law enforcement jurisdiction – and largely from countries that aren’t too likely to have a good reputation or willingness to do a lot of ‘cooperation’ with UK law enforcement. Spending any amount of money within the UK alone will achieve squat! Always need to remember that the internet is (largely) no respecter of national boundaries…..

This is very interesting. As is the report in the link. But is it dangerous to suggest we should not use anti-virus software on our home computers? In my experience the first thing the bank will ask after you have been invaded is ‘do you have anti-virus software?’. If you say no I suspect they will say you have been negligent and then not refund any losses you have sustained.

The great problem with all of these issues, like should you shouldn’t you, is free just as good as fee charging, etc., is that one can never get a categorical answer from anywhere. The more one researches via the internet the more confusing it becomes. Its is exactly the same reading product reviews. There is as many reviewers saying the product is the best thing sliced bread as there are saying the product is rubbish. Reading the reviews becomes an art form because the first trick is trying to discern the reviewers motive and qualification. Even the Which? reports are directly contradicted by some of the reviewers comments.

Sarah is not advocating that we should not use anti-virus software. Which? has reported that free software is more or less as effective as expensive software, so show the bank a copy of the report if you are unlucky enough to be a victim of fraud.

The introductory comments are personal views, which is only obvious when stated or if differing views are presented. I’ve often wondered if it is a deliberate ploy to encourage comments.

In Windows 7 the new security essentials is very good – it even includes heuristic scanning, although you have to enable it. Of other products check matsoutec.com for the most thorough testing I have seen anywhere. It is independent and very geeky but the results speak volumes. The big boys McAfee, Norton and AVG all score appallingly. On McAfee’s dismal 2% it agrees with my experience over 10 years in IT.

From matousec you can see the best are Outpost and Comodo both of whom offer free, superb products but seem rarely mentioned in consumer tests; including Which?
Both offer commercial versions but I would stick with free unless you have serious worries or deep pockets. The only other one worth paying for if pushed is Kaskerky. It is very good but Comodo is better and free.
Which? please include these in your next test.

In reply to Mike above:

Mike, thanks for your mention of matousec, which is a very informative site indeed! Being more of a Mac than Windows user myself, I wasn’t aware of it. It’s particularly interesting to earn that so many of the security utilities lose out in a big way when one switches from a 32-bit to a 64-bit system – who would have thought that could be such a big issue?

Just for the benefit of others, here are the full links to the test results pages:

32-bit OS: http://www.matousec.com/projects/proactive-security-challenge/results.php

64-bit OS: http://www.matousec.com/projects/proactive-security-challenge-64/results.php

Just one other thing I’ll mention, though I haven’t gotten to the bottom of it yet. matousec does indeed say that Comodo Internet Security is free, but Comodo’s own website says that only the standalone anti-virus utility is free, whilst the full internet security package is $20/year:


But I would say that that’s not a huge price to pay, when compared to the likes of Norton and McAfee, if you feel you want the additional functions of the full package. From her point-of-view, my partner already decided to switch her Windows machines to the free Comodo anti-virus, abandoning her current usage of Microsoft Security Essentials, which I was intrigued to note matousec doesn’t seem even to mention!

thunderer says:
3 February 2016

Comodo not free any more according to the matousec link in the next comment.

25 June 2012

This new virus called ‘Flame’ is a real Killer Diller, it was originally aimed at Iran, for obvious reasons, Obama gave the go ahead in conjunction with Israeli Techies!…Don’t believe?’….Google it.

But, not to despair, their is a company just set up to detect the signature of this virus!

Brachy says:
28 June 2012

In reply to NigelH – I was extremely surprised at the low score given to Norton 2012 by matousec, that is, until I read their report. The testing was carried out on a WinXP SP3 machine which, in my opinion is not a current OS. I can only judge by results, which, in my case is 6 years virus free operation with Norton. The other side of the coin being the many PC’s which I have been asked to ‘have a look at’ which turned out to be virused. The AV used? AVG Free edition. Common sense should tell you that a free version of anything cannot have the same resources applied to it as a product from a long established, large company. Although, look what happened to Lehman Brothers!

I hadn’t noticed that, but now look, I see that all products seem to have been tested on the same platform (WinXP, SP3). I had a quick look for an explanation of why they do the (32-bit) testing using XP, but didn’t find anything. But, I then looked at the 64-bit test results and there it confirms that all products were tested under Windows 7 (SP1) and the result for Norton seems broadly comparable to the 32-bit platform result (albeit even poorer).

As I said above somewhere, I am not normally a Windows user, but it doesn’t surprise me that you report six years of virus-free operation. First of all, just your presence here shows you to be one of the more ‘aware’ computer users, so you also quite likely avoid the ‘risky’ scenarios that usually result in the acquisition of a virus in the first place. Secondly, even on the Windows platform where viruses are most common, unless the user is particularly careless, they won’t get hit by viruses very often. Well, so I reckon – YMMV, as they say!

What I’ll just add to that is any amount of empirical experience doesn’t really stack up to an in-depth and well-targeted test suite. Users often use systems for years without encountering a particular bug, for example, but it’s there nonetheless. Properly targeted system testing should, OTOH, have found that bug even before the system was released to the users! Unfortunately, not all systems are so well tested…… I think the same ‘rule’ applies here – matousec are testing for, and finding, things that may rarely be found by users in the normal course of events, but they’re just being very thorough with their testing and doing what they can to highlight risks.

Incidentally, noting that it was not I that first mentioned matousec here, let me disclaim all and any connection with them – I have no particular axe to grind here! 😉

28 June 2012

‘AVG Free edition. Common sense should tell you that a free version of anything cannot have the same resources applied to it as a product from a long established, large company. Although, look what happened to Lehman Brothers’!

‘Common Sense’ et-al!
AVG makes its money from the Business Sector, all the ‘Freebie’ ones just get the cut down version, and for all intents an purposes, for the average user it does the job!

Their philosophy is to let Joe Public us it for free, they in turn will recommend it to their firms! As I have found out over the years, there is no such thing as the ‘Perfect’ Ant-Virus software.

AVG I have been using for quite a few years with no real problems.

As a similar sort of analogy, I buy Branded Goods from a 99p shop, the identical items in a certain store chain cost twice the price plus!

The same could be said for certain ‘Designer’ goods, there are many identical type items just as good, but, ‘Joe Public’ has been brainwashed to buy something with a ‘Label’ on it, so, I guess you pay your money and take your choice.

If ‘Which’ tells me that a certain product is as good as another, well,….Its a no brainer!

Brachy says:
28 June 2012

In response to FinsburyParker;

If the Business side of AVG supports the Free versions as you say, I hope that they do somewhat better than this;
In December of 2010, AVG released a mandatory-install update to the 2011 version of its antivirus software which caused thousands of 64 bit Windows Vista and Windows 7 computers to become completely inoperable. AVG has since released a fix which attempts to repair computers bricked after installing the update. Affected users can watch the following video on AVG’s Official YouTube page to resolve the issue http://www.youtube.com/watch?v=Fam3-KSfA3A

Not a very good indicator of AVG’s Business capability.
Not everything that looks the same as a branded item is the same. The branded item generally has the resources of an established enterprise behind it. Not an ‘iffy’ supply chain to an unidentifiable sweat shop.

29 June 2012

‘If the Business side of AVG supports the Free versions as you say, I hope that they do somewhat better than this;’
The perfect infallible Ant-Virus does not exist”!

The ‘Perfect’ Operating System’ does not exist!

In fact, the ‘Perfect’ anything does not exist.

I would rather rely on ‘Which’, far more reliable than someone’s personal bad experience of a product.

All the so-called top of the range Anti-Virus software falls down from time to time.

I suggest you check up on ‘Branded’ goods sold in ’99p’ shops, they have to be of original manufacture, not sweatshops,…Its the Law!

I was suspicious myself when they first appeared on the High Street, so I checked with Trading Standards, I was informed that the goods on sale in ’99p’ shops were in fact of original manufacture.

The only ‘Sweat Shop’ goods are sold from on the street market Traders.

Those shops that do sell ‘Fake’ goods get prosecuted in the end, as witnessed by the many TV programmes on TV, namely, ‘Fake Britain’!

Not a very good indicator of knowledge of the Law and trading Laws!…What??

So, I will still buy various items from the ’99p’ shops, as my late Father used to say, “A fool and their money are soon parted”.

If ‘Which’ tells me that a certain product is as good as another without a ‘Designer Label’, well,….Its a no brainer!

Brachy says:
29 June 2012

Reply to Finsburyparker
To return to the point of the article and not the relative merits of 99p. shops against Branded goods.
Please note, not Designer labels.
Considering the relative sizes of AVG and Symantec;
AVG – 663 employees worldwide
Symantec – 20,500 employees worldwide.

I know which organisation I put my faith in.

As for Which, I believe it to be a very good organisation, but, as you say yourself, not perfect.

I don’t recall ever making the claim that I had a very good knowledge of either the law or trading standards -What??!!

29 June 2012

‘I don’t recall ever making the claim that I had a very good knowledge of either the law or trading standards -What??!!’

You brought up the subject of ‘Sweat Shops’! (The branded item generally has the resources of an established enterprise behind it. Not an ‘iffy’ supply chain to an unidentifiable sweat shop).

I’ll still trust ‘Which’, (I know which organisation I put my faith in.)

Snowdin says:
2 July 2012

I won’t get involved in X is better than Y. I have incurred virus attacks over the years (29 years since buying one of the first BBC computers). Some of them have been caught by antivirus products. On 3 occasions I have been pretty sure I have had a virus but nothing has picked it up, recently including normal scanning, the rescue CDs of Kaspersky and Avira, and online scanning with F-secure which I gather uses Bitdefender’s engine. On two occasions I kept the computer but started using another. On both occasions scanning a year or three later eventually identified the malware I strongly suspected was there. Negative scans at one point in time are not conclusive, there are unknown unknowns. The third appeared to be confirmed recently by TrustDefender which Tesco Bank offers free, but which only works for me on that website. Other banks are starting to use it as well for theirs. TrustDefender not only protects online banking login, like Trusteer Rapport, but it also makes checks for malware including abnormal browser behaviour during the transaction. As I was logging in using my suspect but negatively scanned netbook (this was to test out the software, not to properly log in) it called a halt claiming I had malware on board. I ran the downloadable malware remover from Microsoft’s website and TSSKiller from Kaspersky after which I was able to log into Tesco Bank if I wished and the netbook immediately ran a zillion times faster.
Besides protecting vital online transactions with additions to antivirals, I do a regular check with FileHippo Update Checker to make sure all the most commonly compromised software is kept fully up to date, plus a similar but not identical check with the vulnerability scanner in KIS 2012, and act accordingly. If I ever get a phishing or compromised looking email, which has recently been quite frequently, I send a copy of the body of the email (not just what appears visibly on the email) to reportphishing@apwg.org. They are part of an international response to phishing and malware and appear to be effective at investigating and stopping malware. Details of how to report and what they are doing on the APWG http://www.antiphishing.org website. We also share information on scams through our local Neighbourhood Watch. Finally the weblogs from ZDnet and F-secure which I get for my Kindle via the Calibre software, provide regular briefings on security news and patches for vulnerable software programmes including the monthly Microsoft very late at night 2nd Tuesday updates and never ending Adobe Flash and Reader Update problems etc which they claim are soon to be automated.

3 July 2012

‘The monthly Microsoft very late at night 2nd Tuesday updates and never ending Adobe Flash and Reader Update problems etc which they claim are soon to be automated’.

“Tell me about it”!!!


Doudou33 says:
16 July 2012

A heated debate and very informative discussion. An IT guru gave me a simple solution to all firewall/malware/email/site safety/viruses issues. He said ‘why bother learning all this clever stuff about security and endlessly worrying whether you’re up to date? Just learn how to reformat your drive and do it every 3 months – good for backup discipline too’. Granted I’m fortunate to have a laptop and a PC so can split data and internet usage but I can’t help thinking that the dangers come from the internet so looking to the internet for a solution is somewhat self-defeating?

I think you need a new IT guru. Maybe his advice would be OK for anyone who is not using Windows.

jill says:
21 July 2012

Can someone just tell me in laymans terms which is the best anti virus package (free or not) please.

21 July 2012

I use AVG, as far as I am personally concerned, it does all I want it to.

Others on this forum will disagree and have their own personal preference.

Some will advocate propriety off the shelf pay through the nose every year for the privilege, so you have to take a pragmatic view, either pay your money and take your choice, or try the ‘Freebie’ ones!


FP is right, as far as I’m concerned – there are plenty of good free packages available and some of those are better than any paid-for variety.

But, to give you the best advice, in layman’s terms or otherwise, it will be easier if you tell us which computer and which version of operating system you are using.

hughstjust says:
31 July 2012

I have used Norton 360 for many years and promoted their security software for many years but gradually it dawned on me that I was effectively running Norton and its use was considerably impacting my PC – and reliable HP Pavilion running Windows 7. Having had one virus which Norton washed their hands of, I moved to the AVG 2012 with their PC Tune Up software and haven’t looked back. I am a basic user running applications at home and my PC has never run so well!

When you say “washed their hands” did they say that they couldn’t deal with it?

31 July 2012

Hi Hughstjust!

I moved over from Norton to AVG when it first appeared, and like you I have never looked back.