I suppose it was inevitable that this would happen, yet I couldn’t help feeling a bit shaken recently when a new kind of virus scheme almost propagated on my business computer. I’m talking about a virus that presents itself as a legitimate, well-known antivirus program.
Let me explain. One day, a message from Microsoft Security Essentials popped up on my screen and warned me of an infection by a Trojan. I was ready to click the “fix” or “quarantine” button (I can’t remember which it was) when a strange thought occurred to me. Just what is Microsoft Security Essentials and—more importantly—is it resident on my computer?
You might think a technology guy like me would be aware of all the programs on my hard drive, but in my defense, I will say that my job involves downloading and examining a lot of different programs. Anyway, a search of my current applications revealed that the answer to my second question was no—that program was not resident on this PC. Oh great, I thought, another phony antivirus program designed to trick users into loading malware onto their computers. But that was not the case either.
According to Microsoft, Microsoft Security Essentials provides real-time protection against viruses, spyware and other malicious software. It is a free download from Microsoft “that is simple to install, easy to use, and always kept up to date so you can be assured your PC is protected by the latest technology. It’s easy to tell if your PC is secure—when you’re green, you’re good. It’s that simple,” says Microsoft.
I found that out by Googling “Microsoft Security Essentials.” So if I were a user wondering whether or not that security alert from Security Essentials was legitimate, I would be comforted by the knowledge that it was a real program. Maybe I would then go ahead and tell it to fix the mythical malware it warned me about.
More ominously, however, if I did have Security Essentials resident on my computer, I would probably think nothing of clicking “quarantine,” since I would believe this was a message from my own software. The possibility of a phony Security Essentials alert did show up on my Google search, but the item was far down the page of hits. If I didn’t bother to scroll down to it, I would never have seen it. My own antivirus programs, of course, failed to detect the virus.
By the way, even after I realized the alert was fake, getting rid of it (it pops up every time you log on) was not easy. Fortunately, another Google posting helped me to accomplish that, but it involves getting down to the DOS (remember that acronym?) level.
While it’s certainly no news that there are virus schemes out there, this one was particularly disturbing because it anticipated reasonable user efforts to check its legitimacy. I have no doubt that a fair number of Security Essentials users fell for this ploy, and I think we can anticipate that other malware producers will follow suit with similarly believable schemes. Some of those users could be your employees in insurance or financial services. Needless to say, if such malware propagates inside your enterprise, this could present major problems.
The battle against cyber-crime is not just being fought on the technological front. Attacks that use deception on a human level to succeed are also growing in sophistication. Sadly, it means we must be suspicious of everything we see on our monitors, even messages that seem to come from our own applications.
For those not on thin-client hookups, the message is clear: Know what applications are on your systems and how they work. If anything you see gives you pause, check it out—thoroughly.
Ara C. Trembly (www.aratremblytechnology.com) is the founder of Ara Trembly, The Tech Consultant, and a longtime observer of technology in insurance and financial services.
Readers are encouraged to respond to Ara using the “Add Your Comments” box below. He can also be reached at email@example.com.
This blog was exclusively written for Insurance Networking News. It may not be reposted or reused without permission from Insurance Networking News.
The opinions of bloggers on www.insurancenetworking.com do not necessarily reflect those of Insurance Networking News.