It's a good thing we have Microsoft around to tell us that there is more scareware floating about the web. I published a post on AV360 early in March, but this is hardly the only incarnation of so-called "rogue security software."
The idea behind scareware is to scare users into registering software (and usually paying for it) to protect themselves from malware infections. Unfortunately, the software for which they are paying is malware itself. No matter how many times I tell people about this problem of nearly epidemic proportions, though, teachers invariably find ways to get themselves infected.
As a number of bloggers and journalists have pointed out, the massive publicity surrounding the Conficker worm has made people hypersensitive to the idea of malware on their computers and more than happy to believe it when apparent security software tells them they're infected.
Interestingly, according to the report and ChannelWeb,
Also in the report, Microsoft blamed third-party applications -- and not Windows -- for the majority of the security-related issues in its operating systems.
The Security Intelligence Report found that as software companies have improved the security of their operating systems, attackers have begun en masse to target the application layer. Nearly 90 percent of the reported attacks exploiting vulnerabilities from July to December 2008 were aimed at applications.
What does this mean for us? Obviously it means gateway-level AV is a must, as is client-level AV since so many users take their computers home. More importantly, though, it means that we will be able to rely less and less on Mac and Linux operating systems to ensure security. Cross-platform applications will increasingly make all operating systems vulnerable and malware distributors are finding increasingly creative ways to infect our machines.
The most important message, though? We need to train all of our users, whether teachers, students, or staff. What antivirus are you using in your school? Users need to know that messages from other sources (e.g., not Norton, Clamwin, McAffee, or whatever you're using) claiming malware infections means that they should call tech support, not start clicking. Finally,
Meanwhile, researchers say that users should avoid opening attachments or clicking on links in e-mail or IM from unknown or untrusted sources.
It sounds simple, but training is the key here. We are in education, right? We need to educate all of our users on a continual basis.