From spyware to bots to viruses and other unimaginable hazards… the web can be a scary place. 
Enter scareware, new way to trick unsuspecting consumers into parting with their money. USA Today recently had an article about the tricks and tactics used to perpetrate this latest rip off. Unfortunately, online advertising has become an accomplice to the crime.
Scareware is worthless software that allegedly removes viruses from your computer. Anyone who has surfed the web knows how easy it can be to become infected with a virus. The damage to the users computer is often measured in slowed performance, unwanted clicking and potentially even more nefarious things like key logging and password swiping. Now, the bad guys are selling “scareware” to solve a problem that may not actually exist.
The first such program was called “SpySheriff,” built by a team of cyber crooks from Russia. The Anti-Phishing Working Group recently reported that scareware infections rose 48% in the second half of 2008. The growth is tied to the ease of distribution and weaknesses in online advertising and the web in general.
There are several ways these fake products are being distributed. Phony pages are created using hot search key words such as “American Idol” or “iPhone” and drive the unsuspecting consumer to the infected page. Recently the Facebook email scam was used to send people to a page by promoting things like “best video.” Since these emails came from your friends, millions clicked. Twitter has become a vehicle for distribution. Phony Twitter accounts are created and enticing titles of posts encourage people to click.
Additionally, the bad guys are simply buying display or search ads. They rotate in infected pages to the landing page. It is virtually impossible for an ad provider to scan every ad impression and linking page. This loophole creates an opportunity for the bad guys to drive significant traffic to infected pages at a very low cost. Microsoft reported finding 4.4M installations of one such program, so the scale is enormous. Do the math… at $49 or $79, that is big business.
Once someone lands on the page, getting off is nearly impossible. Immediately upon landing, a “system scan” begins. The results are, of course, showing that your computer is infected with a number of viruses. Conveniently you can buy the product at that point and they take your money and run. If you try to move away from the page, or cancel, an endless number of scans take over your screen. Essentially, users must “control/alt/delete” their way out or restart.
The danger in this scam is not limited to monetary damage to the consumer. These type of pages and methods to attract clicks are the same methods used to install spyware, malware and perpetrate click fraud. To their credit, USA Today has done a good job over the last few years of highlighting the dangers of the web to the average consumer.
The FTC is cracking down. They have identified products like WinFixer, DriveCleaner and XP AntiVirus as worthless and they are going after the owners. The problem is that like the click fraud crooks, these guys are in remote locations and move their servers often. Tracking them is a full time job and extremely difficult. The search engines are trying to help as well. 
Trust is what keeps consumers clicking on ads. Without stepped up industry efforts from organizations, like the Anti Phishing Working Groups and others, trust could be diminished. Like click fraud, scareware is damaging trust. It takes a community effort to stay after the problem and build solutions to take the scare out of the internet.
Tom Cuthbert
Last night, here in Seattle, Microsoft lit up the Space Needle to celebrate the launch of Bing. Time will tell how big an impact Bing will have in search, but history may be on the Microsoft's side.