Think none of the users in your company are naive enough to fall for fake antivirus scams? If the financial success of those scammers is any indication, that may not be the case.
Fake AV scams are one of the most popular ways for criminals to defraud Internet users, according to a recent study from researchers at the University of California, Santa Barbara. They’re also one of the most lucrative types of scams.
The scam is fairly simple: Either through a social engineering attack or malicious website, a piece of malware is installed on the user’s computer and opens a window with a warning that the user’s machine is infected with a virus. Victims are then told they must purchase an antivirus program to get rid of the bogus threat.
The researchers looked at three unnamed organizations that make money from this scam and found that they’ve been quite successful. According to the study, licenses for the bogus AV programs were purchased by an average of 2.2% of the targeted victims.
That may not sound like a high percentage, but it was enough for the three organizations to make a combined $130 million off of more than 2 million people from March 2008 through August 2010.
Researchers also found that more than 76% of victims were located in the U.S. While the majority of duped customers installed the software on home computers, there were also a number of sales taking place at commercial, government and military institutions.
Less than 10% of victims attempted to get a refund, indicating that many may have never realized it was a scam.
As this data shows, many people have fallen for these so-called “scareware” scams — possibly much more than the folks who work in IT realize. It could be worth it to send out a warning for the users in your company.
To read the entire study, download it here.