Chasing massive profits, crooks have unleased a flood of rogue antivirus programs that attempt to fool or scare unsuspecting PC users into forking over cash for an app that does nothing worthwhile.
According to the Antiphishing Working Group, the number of fake security programs skyrocketed from average of around 2,500 per month to 9,287 in December. The group's latest report, covering the second half of 2008, says that while rogue AV has been around for years, it wasn't until the middle of last year that crooks starting turning the fake apps into a serious money-making machine.
The Washington Post's Security Fix recently showed that dirty affiliates who help spread the junk apps can earn more than $330,000 a month in commissions. Maybe crime doesn't pay, but it seems that crimeware just might.
I also covered the increased use of the tactic for a recent PC World story that looks into the two ways you might end up with a scare-tactic pop-up or something similar on your PC that attempts to goad you into paying for the fake software. The first, browser-based method isn't dangerous if you're smart enough to ignore the pop-up; but the second scenario can indicate a malware infection and is bad news.
On a side note, the report also found that in September, Sweden for the first time became host to more phishing sites than any other country. Almost two-thirds of all sites found by the APWG in that month were hosted in that country, though in October the US quickly re-established its dubious lead.