Millions tricked by 'scareware'

Online criminals are making millions of pounds by convincing computer users to

download fake anti-virus software, internet security experts claim.

Symantec says more than 40 million people have fallen victim to the "scareware"

scam in the past 12 months.

The download is usually harmful and criminals can sometimes use it to get the

victim's credit card details.

The firm has identified 250 versions of scareware, and criminals are thought to

earn more than 750,000 each a year.

Franchised out

Scareware sellers use pop-up adverts deliberately designed to look legitimate,

for example, using the same typefaces as Microsoft and other well-known

software providers.

They appear, often when the user is switching between websites, and falsely

warn that a computer's security has been compromised.

If the user then clicks on the message they are directed towards another site

where they can download the fake anti-virus software they supposedly need to

clean up their computer - for a fee of up to 60.

Con Mallon, from Symantec, told the BBC the apparent fix could have a double

impact on victims.

It is very prevalent and it's growing very quickly out there on the internet

Con Mallon, Symantec

"Obviously, you're losing your own hard-earned cash up front, but at the back

end of that, if you're transacting with these guys online you're offering them

credit card details, debit card details and other personal information," he

said.

"That's obviously very valuable because these cyber criminals can try to raid

those accounts themselves or they can then pass them on or sell them to others

who ultimately will try to use that information to their benefit not yours."

The findings were revealed in a report written following Symantec analysis of

data collected from July 2008 to June 2009. Symantec said 43 million people

fell for such scams during that period.

It has become so popular that the rogue software has been franchised out.

Mr Mallon said some scareware took the scam a step further.

"[They] could hold your computer to ransom where they will stop your computer

working or lock up some of your personal information, your photographs or some

of your Word documents.

"They will extort money from you at that point. They will ask you to pay some

additional money and they will then release your machine back to you."

The scam is hard for police or other agencies to investigate because the

individual sums of money involved are very small.

Therefore, experts say users must protect themselves with common sense and

legitimate security software.

'Steal your identity'

Tony Neate, from Get Safe Online, told the BBC the threats presented by the

internet had changed in recent years.

"Where we used to say protect your PC... we've now got to look at ourselves,

making sure we're protected against the con men who are out there," he said.

"They want you to help them infect your machine. When they've infected your

machine it's possibly no longer your machine - you've got no control over it.

"Then what they're looking to do is take away your identity, steal bits of your

identity, or even get some financial information from you."

He added: "They used to be 16-year-olds in their bedrooms causing damage with

viruses. Now those 16-year-olds have grown up [and] they're looking for money,

they're looking for information."