Identify and avoid fake antivirus on your PC

What are fake antivirus and how to avoid them

A fake antivirus, or rogue, is a program designed to trick the user into thinking that his computer is in danger and that he is capable of cleaning it from all kinds of threats. It is a program that seeks to supplant conventional antivirus (such as Windows Defender, Kaspersky, Avast or McAfee, for example) to leave the victim’s computer unprotected and be able to take control of it.

There are several types of rogue antivirus, and each one tries to fool users in a different way.

Programs that are installed on the PC

This is the least common type, but the most dangerous that we can find. It is easy to see it as part of the “Adware” included in the installers of many programs. What they generally do is run on the computer and pretend to be scanning it. At the terminal, they tell us that we have a massive infection of viruses, Trojans and errors, and help us to solve everything. Yes, paying.

The purpose of these programs is that we pay a license to clean and repair the computer. If we do not, we will be seeing error messages and warnings about the massive infection of malware on the PC all the time. If we pay, in addition to losing money, hackers will take over our payment method.

The best way to avoid these types of threats is to pay attention to the installers when we are going to install a program on the PC. In addition, we must also avoid downloading any program that a dubious website recommends to us.

Fake websites and fake online scanners

Fake web scanner

On the other hand, for example, we have the fake websites posing as antivirus scanners. When we enter a page we can see a message that tells us that our computer is infected by tens, or thousands, of viruses and that we must rely on a specific antivirus to disinfect the PC. These types of malicious websites (also known by the term “malvertisements”) are intended to instill fear in the user. And, as a result of that fear, deceive him.

The purpose of these types of advertisements can be very varied. For example, they can trick us into download and install a program with which, supposedly, to clean the computer. Or they can ask us for the card data to pay for a supposed license to clean the computer, and this data ends up in the hands of hackers.

The best way to protect ourselves from this type of fake antivirus is to ignore the ads that appear when visiting the webs. Luckily, nowadays it is already rare to find this type of website, but pirates are betting on other types of techniques with which to deceive, such as hijacking the browser.

Pop-ups that “hijack” the browser

Fake Flash update

This is a more modern and common method of trying to fool users with their computer security. Some websites take advantage of little JavaScript tricks to hijack the browser, block the computer and display a message stating that viruses have been detected on the PC and that we must carry out a cleaning.

They generally use the name of Google or Microsoft to try to deceive users, and make them call a phone number (paid) from which they continue with the scam. If we call they will try to get more information about us, install remote control software and take control of our PC. They will also get hold of our bank details and all the files we have on our PC.

It is easy to come across these types of ads by following links posted on social media. In addition, either they do not have a close button, or they have a false button that, when clicked on it, takes us to another website controlled by pirates from which to download, for example, a fake antivirus in the form of a program.

What to do if we have a fake antivirus installed

The best way to avoid falling into the clutches of this type of malware is Ignore It. If we see a message on a website, or a banner, in which we are told that we are totally infected by malicious software, simply bypassing it, closing the website and going to another site, we will be protected. As long as we do not follow the links in said advertisements, or download anything, or enter personal data, we will not have to worry.

The problems come when the infection has already taken place. If the fake antivirus has reached our PC, eliminating it can be complicated. This may have been hidden in the computer in many ways. For example, it may be injected into Chrome in the form of false extension. Or we may find it installed on the system as one more program. It can even appear in the system tray, along with our personal antivirus (which, if it has not detected it, we should still think about changing).

Some of the symptom that can make us suspect a possible infection are:

  • The web browser is hijacked, it is not updated and it redirects us to websites that we do not want to visit.
  • The PC is much slower than normal.
  • Many pop-up windows appear on the PC. Many of them with virus and error messages.
  • The background of the PC changes randomly.
  • We cannot visit antivirus websites or install security programs.

Be that as it may, the first thing we must do to try to eliminate the infection is to restart the PC in safe mode. From there, the malware will not load at the start of the system as it is not signed by Microsoft, and we can eradicate it without problems. We can try to uninstall it from the list of programs, or scan the PC with an anti-malware, such as Malwarebytes, to detect the threat and delete it from the system.

If it is hidden in the browser, then we must reset all its settings to factory settings and start from scratch to prevent it from continuing to take control of the PC.

Tips to protect ourselves from fake antivirus

We have seen before how to mitigate infections from the most common types of rogue antivirus. But, in addition to them, it is advisable to follow some more tips that will help us to be better protected and reduce the probability of ending up in the clutches of these pirates:

  • Update software and programs. We must update Windows, the most critical programs (such as the browser) and other programs used by hackers, such as PDF or Java readers.
  • Uninstall outdated programs. If we have a program that is no longer supported, and that can be used by hackers, such as Flash, we must delete it.
  • Install a good antivirus and keep it updated. If we have the PC protected, the security software will detect the threat before infecting the PC.
  • Use common sense when browsing. We must navigate known and reliable websites, avoiding suspicious ads and links from social networks.
  • Never open attachments in emails. SPAM is one of the main distribution channels for malware.

Related Articles

Leave a Reply

Your email address will not be published.