/ Technology

Are security software scams blown out of proportion?

Computer virus key exploding

As Get Safe Online week swings into action, we’re told that one in four of us has been targeted by a cold-calling security scam. But is it time to question the role of the security software industry in all this?

A quarter of us have been affected by a scam call telling us we have a computer virus, according to Get Safe Online.

It’s likely that victims were directed to a website confirming the virus, and then offered to have their computers ‘cleansed’ – at a price.

This cold-calling scam is the latest iteration of so-called ‘scareware’, or software that cashes in on our fears about identity theft, viruses and phishing emails.

Scaremongering leads to scareware

Many of the headlines on these subjects originate from press releases issued by security vendors such as Symantec (which publishes Norton security suites), Kaspersky Labs and Sophos. I know this as I receive a regular stream of these to my inbox at work.

I’m not saying these fears aren’t genuine. It only takes one keylogger (a program that secretly installs on your computer and logs every keystroke you make) to give criminals the key to your online bank.

But, the criminal fraternity only invests its energy in areas where it can reap the biggest rewards with the minimum of effort. Currently, scareware – as Get Safe Online rightly identifies – is one of the biggest risks.

At best, our well-intentioned caller will take your money and deliver nothing. At worst you’re paying them to install their own keylogger. Like all cons it’s a masterstroke of social engineering – they know you’re worried about your computer’s security and that you’ll pay for peace of mind.

High price for security?

Similarly, security software vendors know you’ll buy a security suite if it means keeping your computer safe. Arguably, the security industry has acted in the interests of us all by alerting us to threats such as identity theft, which if you become a victim is potentially devastating.

Yet I believe that, like the Little boy who cried wolf, it may have been exaggerated.

Sure, there are risks out there, but the latest was self-perpetuated by an industry that has plenty to gain from your fears, however genuine they may be.

You can protect yourself free of charge with programs such as AVG Free and Microsoft Windows Security Essentials. Combine these with good practice, such as not clicking on links you don’t recognise and installing regular daily updates, and you have little to fear.

The next issue of Which? Computing reveals the truth about your computer security.

Artie Kenilworth says:
17 November 2010

As someone who has received these cold calls you don’t need security software as they are very persuasive and persistant. The best way is to simply hang up and not get involved in a conversation. That said, for the small sum required to get security from Kaspersky, via Amazon, I personally find the peace of mind I get, it is a small sum to pay.

Firstly, how do they know 1 in 4 has been targeted? Figures like this always make me suspect the motives behind a survey. Having said that, I did receive a call that I quickly ended. When I challenged the caller about the scam I was subjected to a stream of verbal abuse! More concerning is that there is nowhere to complain about such calls. No-one is interested unless you respond to the scam and lose money. Surely if we had somewhere to report the details of these calls it would be easier to find the source and take action against them. People who spot the scam are more likely to report it than those who get caught out.

The scare story – a pseudo survey that your computer is badly infected – can arrive uninvited on a computer screen, not just by a ‘cold’ phone call. I’ve seen it on a recent laptop when the security trial period ran out. It persisted until I showed the owner that Microsoft Security Essentials was an excellent and totally free download to solve all threats of spyware, viruses, etc. The moneysavingexpert.com website gave me good advice on this.

We can never be sure the free security software is any good in fighting off problems in real time if you want something for free you will get nothing, it’s like would you go to work for free or would you stay at home and do nothing. If you use the free software your computer will end up in the repair shop for sure, I have seen loads of them come my way for repair, and they all had free security software install.

James Lewis says:
10 May 2012

Actually Mew there are plenty of reviews that suggest that some freeware solutions are fairly close in detection rates to commercial products – AVG even admit their freeware product uses the same scanning engine as their commercial product.

I have used freeware AV and anti-malware for years and have never had an infection. Equally a freeware product can conceivably pick up an infection that a commercial product misses – there is a certain element of luck as no product is perfect in detection or removal rates.

More important is probably having good online safety practices…