|
Scareware is a form of malicious software that uses social engineering to cause shock, anxiety, or the perception of a threat in order to manipulate users into buying unwanted software. Scareware is part of a class of malicious software that includes rogue security software, ransomware and other scam software with malicious payloads, which have limited or no benefit to users, and are pushed by unethical marketing practices. Some forms of spyware and adware also use scareware tactics. A tactic frequently used by criminals involves convincing users that a virus has infected their computer, then suggesting that they download (and pay for) fake antivirus software to remove it. Usually the virus is entirely fictional and the software is non-functional or malware itself.〔('Scareware' scams trick searchers ). BBC News (2009-03-23). Retrieved on 2009-03-23.〕 According to the Anti-Phishing Working Group, the number of scareware packages in circulation rose from 2,850 to 9,287 in the second half of 2008.〔 〕 In the first half of 2009, the APWG identified a 585% increase in scareware programs.〔(Phishing Activity Trends Report: 1st Half 2009 )〕 The "scareware" label can also apply to any application or virus (not necessarily sold as above) which pranks users with intent to cause anxiety or panic. == Scam scareware == Internet Security bloggers/writers use the term "scareware" to describe software products that produce frivolous and alarming warnings or threat notices, most typically for fictitious or useless commercial firewall and registry cleaner software. This class of program tries to increase its perceived value by bombarding the user with constant warning messages that do not increase its effectiveness in any way. Software is packaged with a look and feel that mimics legitimate security software in order to deceive consumers. Some websites display pop-up advertisement windows or banners with text such as: "Your computer may be infected with harmful spyware programs. Immediate removal may be required. To scan, click 'Yes' below." These websites can go as far as saying that a user's job, career, or marriage would be at risk. Products using advertisements such as these are often considered scareware. Serious scareware applications qualify as rogue software. In recent findings, some scareware is not affiliated with any other installed programs. A user can encounter a pop-up on a website indicating that their PC is infected. In some scenarios, it is possible to become infected with scareware even if the user attempts to cancel the notification. These popups are especially designed to look like they come from the user's operating system when they are actually a webpage. A 2010 study by Google found 11,000 domains hosting fake anti-virus software, accounting for 50% of all malware delivered via internet advertising. Starting on March 29, 2011, more than 1.5 million web sites around the world have been infected by the LizaMoon SQL injection attack spread by scareware.〔(content.usatoday.com )〕〔(reuters.com )〕 Research by Google discovered that scareware was using some of its servers to check for internet connectivity. The data suggested that up to a million machines were infected with scareware. The company has placed a warning in the search results of users whose computers appear to be infected. 抄文引用元・出典: フリー百科事典『 ウィキペディア(Wikipedia)』 ■ウィキペディアで「Scareware」の詳細全文を読む スポンサード リンク
|