We have regular ConfCalls with our security support to exchange trends and issues we see. During the last one we had an interesting discussion I would like to share with you:
We seem to get a hell lot of calls mainly from the consumer segment with Virus/Trojan/Spyware infections. The way they get the malware is a pretty well known one:
You go to a web page which is telling you that your PC is infected by malware and that you have to install the "protection software" immediately – which then installs the malware. That’s the reason why we call this software "Scareware".
There are two things which frighten me:
One is that it shows how easy social engineering works (once again).
But the second one is much more frightening:
The malware installed is by far not sophisticated. It is usually pretty old and well known. Therefore every AV scanner would detect it easily and prevent it from being installed.
This tells us that there is still a high percentage of people not running AV software on their PC… Since years we are telling our customers you have to do at least three things to run your system:
Use a firewall, keep your software updated, run an Anti-Malware software and keep it updated.
Similar things are true for ISPs. Why do people still not do it? Is it the money?
(Original post editted by inserting line breaks to emphasise the points that Roger is making).