Saturday, January 31, 2009

INFORMATION SECURITY BREACHES OR THREATS

Recently there has been a huge influx of misleading applications, for example “rogue or fake antivirus applications”, that plague users. In other words, these programs are rogue applications that present themselves as fake “antivirus scanners” or fake “system cleaners”. To explain this “scareware”, we can start from the definition of misleading applications.

Have you seen an unexpected balloon message appear from an unknown program on your computer, telling you that you’re infected with a new threat? Or have you ever seen a strange security message pop up like an advertisement while you're surfing the web? These are common strategies used by a type of program Symantec calls "misleading applications" and other people refer to as “Rogue AntiSpyware” or “SMITFraud”. These programs typically slip onto their victims’ computers while they surf the web, masquerade as a normal Microsoft Windows alert, or otherwise trick people into downloading them onto their computer. Once installed, misleading applications make false claims about the security status or performance of the victim's computer and then promise to solve these bogus problems if the victim pays.

Misleading applications intentionally misrepresent the security status of a computer and attempt to persuade the victim that he or she must remove unwanted programs that put the computer at risk. The application holds the victim hostage by refusing to remove or fix the problems until the “required” software is purchased and installed. These threats often look convincing to the victim because the programs may look like legitimate security programs and often have corresponding websites with user testimonials, lists of features, etc.

The most frequently asked question is “How do they attack?” According to Symantec, this threat typically strikes victims while they are surfing the web. There is no single type of website where these applications are found, but they are more common on sites that offer pirated goods or contain adult content. They can even sneak into advertisements on legitimate sites, usually through banner ads at the top of web pages. To get installed on the system, the application usually relies on the victim being tricked into downloading it. Some of these threats use a small program called a “Downloader” that the attacker has installed through an unpatched flaw in the victim's browser (IE, Mozilla, etc.). This technique is also known as a “drive-by” install.

The misleading application is not the first unwanted program to land on the victim's computer. Usually a small downloader program such as “Trojan.zlob or Download.MisLeadApp” hits the system first and then automatically downloads the misleading application. When the downloaded application is installed and ready, the malware informs the victim that their computer has been infected with an unknown threat. The misleading application then offers to run a scan of the supposedly infected computer. The scan results are either entirely false or include some real issues affecting the system, but they always exaggerate the problems on the system, and the application refuses to fix them until the vendor is paid and a registration key is entered into the program.

Misleading applications are dangerous because they trick consumers into believing a problem exists on their system. Victims who trust the messages are tricked into purchasing fake applications to solve problems that they have been duped into believing exist. This threat scams victims out of their money by faking the existence of problems and failing to deliver the protection it promises. It also creates a privacy risk, as the victim must provide credit card information to the scammers in order to register the misleading application and solve the supposed problems.

The victims of misleading applications have paid for software that does not work, have handed their personal information to scammers, and are left with a false sense of security that exposes them to potentially greater risks from more aggressive threats. Even if a person catches on to the ruse and does not pay the misleading application vendor, the programs can be notoriously difficult to remove without the proper security software.

Therefore, to prevent this threat, we as users need to be careful when surfing the web. To avoid this problem, we need to secure our systems by turning on the firewall, installing a good antivirus and anti-spyware product such as Kaspersky, Norton, Super Anti-spyware, etc., and doing “housekeeping” on our computers at least once per week. There are many good antivirus and internet security products available, either shareware or freeware. Even though this threat sometimes successfully bypasses the antivirus or internet security guard, our system is at least more secure than a computer that has no security defenses at all.
