Misleading apps gathering for Christmas security threat

 

Gallery

By Matt Whipp

Posted on 19 Dec 2006 at 14:37

If you're looking for a Christmas present for a computer-using friend, beware of the host of misleading security applications around warning of infected systems and promising a clean up, at a price.

Antispyware company Sunbelt software is picking up new sites, designed to dupe users into downloading and paying for software that is ineffective as a security tool and often a threat in itself.

For example, it spotted four toward the end of November, another on 1 December, six more on 6 December, six again 12 December, and another three yesterday.

Many of these scam sites and dodgy security applications are run by the same outfits, simply dressing up the same code in different colours to give the impression of a new product or service.

Kevin Hogan, head of Symantec's security response centre in Dublin, said that his company expects what he calls 'misleading applications' to be one of the cornerstones of security threats next year.

It presents a problem as some of these companies consider themselves legitimate entities, and don't take too kindly to being blacklisted by Symantec and other security firms.

Hogan said he has a team of lawyers dedicated to dealing with this type of legal complaint.

But as well as the legal risk, it also skews the role security firms play in protecting users. Whereas in the past, protection was a matter of identifying malicious code and cleaning it up, security firms also have an advisory position, to warn users of phishing sites, scams and, in the case of Symantec's recently launched Norton Confidential, e-commerce sites that might not meet the standards necessary for a safe transaction.

Hogan said of Symantec: 'We've gone more from police to informer'.

For more information, visit the Sunbelt and Symantec websites.