Microsoft Sees Security Threat in Rogue "ScareWare"

The No. 1 reason for data breaches remains lost and stolen computer equipment, according to Microsoft's recently Security Intelligence Report.


Released twice a year, the Microsoft Security Intelligence Report uses data gathered from hundreds of millions of computers worldwide to provide an in-depth snapshot of the threat landscape.


Microsoft said there has been a significant increase in rogue security software and evidence that threats are predominantly targeting common third-party desktop applications. Rogue security software, also known as "scareware," takes advantage of users' desire to keep their computers protected. The rogue software lures them into paying for protection that, unknown to them, is actually malware offering little or no real protection, and is often designed to steal personal information. The Microsoft Security Intelligence Report shows that such programs are now among the top threats around the world. For example, two rogue families, Win32/FakeXPA and Win32/FakeSecSen, were detected on more than 1.5 million computers by Microsoft software, catapulting them into the top 10 threats in the second half of the year. In addition, Win32/Renos, a threat that is used to deliver rogue security software, was detected on 4.4 million unique computers, an increase of 66.6 percent over the first half of 2008.


"We continue to see an increase in the number of threats and complexity of those threats designed to implement crime at a variety of levels online," said Vinny Gullotto, general manager of the Microsoft Malware Protection Center. "But as Microsoft and the industry continue to improve the security of our products and people become more concerned about their online safety and privacy, we see cybercriminals increasingly going after vulnerabilities in human nature rather than software. By working with others across the industry, Microsoft is helping combat the next generation of online threats through a community-based defense resulting from broad industry cooperation with law enforcement and the public."


A full list of Microsoft's guidance, a downloadable version of the Security Intelligence Report, volume 6, and other related information is available online.
http://www.microsoft.com/sir