Nov. 1--Scareware won't shield computers Thieves in the cyber underworld are making a ton of money pedaling scareware -- rogue security software -- to unsuspecting consumers, a new Internet report says.

Symantec, the California maker of Norton brand security products, IRIS TAYLOR said consumers unwittingly are downloading rip-offs of real software. Or they're downloading downright-fake software that provides no protection, giving users a false sense that their computer is protected, or software loaded with the malware that it purports to protect against.

In its "Report on Rogue Security Software" released in October, Symantec said computer users pay $30 to $100 each for this rogue software.

It said that from July 1, 2008, to June 30, 2009, it identified 250 distinct products sold through nearly 200,000 Web sites worldwide, and received reports of 43 million security software installation attempts.

Seth Rosenblatt, a senior associate editor at CNET.com, which tracks and reviews security software, said rogue software is "absolutely an issue. Part of what makes these programs so pernicious is they're incredibly difficult to remove."

Fake anti-virus programs mutate so rapidly that it requires multiple solutions to get rid of them, he said. "They're a big problem" that few consumers would know how to fix.

So how is a consumer supposed to recognize rogue security software and what should they do about it? A Symantec representative gave these tips:

--Familiarize yourself with the look of the warnings of your security software. You'll learn to distinguish its security warnings from an impostor's scam attempts.

--Don't click on mysterious security alerts. Have you seen this notification embedded in your computer's task bar? "Security Warning. You computer is infected with malicious software. You should use antivirus product to remove it. Click this message to purchase recommended antivirus software."

Notice the grammatical errors? That's a tip-off. Also, the ominous red circle with an X inside is a fear tactic meant to make you act fast.

Don't click it, Symantec warns. Instead open your branded security software and run a scan. If the warning is real, you'll get instructions on how to proceed.

--Watch out for these rogue software names: Spyware Guard 2008, AntiVirus 2008, AntiVirus 2009, Spyware Secure and XPAntivirus.

--Set your browser to block pop-ups. Internet advertising is a key way that cyber thieves bait victims.

--Invest in proven, trusted software. Consider letting reputable online software reviewers such as CNET and PCMag help you decide which security software to buy. Scan your computer system using only that software.

--Buy from reputable software vendors. Use established retailers.

--Be sure to install updates and patches to your security system. Notices appear on your task bar when an update is available and ready to be installed.

--Don't give out your credit-card details on unsecured sites. On the page where you can place an order, look in the address bar and be sure it says "https," not just "http," and that you see a "locked" padlock icon at the bottom right of the page.

--Don't open attachments or follow links sent by a stranger. They may lead to a malicious Web site set up to automatically download and install illegitimate software onto your computer.

Dedicated Web sites, many of them legitimate-looking, are the most common rogue software distribution method, Symantec observed, followed by Web banner advertisements. It said scammers frequently change their domain registration information and company name to evade detection. ------

Contact Iris Taylor at (804) 649-6349 or itaylor@timesdispatch.com. Follow her on Twitter at http://twitter.com/RTDIrisTaylor.

-----

To see more of the Richmond Times-Dispatch, or to subscribe to the newspaper, go to http://www.timesdispatch.com.

Copyright (c) 2009, Richmond Times-Dispatch, Va.

Distributed by McClatchy-Tribune Information Services.

For reprints, email tmsreprints@permissionsgroup.com, call 800-374-7985 or 847-635-6550, send a fax to 847-635-6968, or write to The Permissions Group Inc., 1247 Milwaukee Ave., Suite 303, Glenview, IL 60025, USA.

NASDAQ-NMS:SYMC, TaiwanOTC:5306,

A service of YellowBrix, Inc.