Tab

News & Events

What is FakeAV?


Do you really have a virus on your computer? Is the security software that found it fake or real? This window might look real and seems to be scanning your computer and finding viruses, worms, Trojans and spyware. If you were searching the Internet (especially image searches), chances are the “software” that popped up and is scanning your computer is something called FakeAV or Fake AntiVirus. Its malware and it’s fake! It is meant to trick users into downloading and paying for a program that removes non-existent viruses from your computer. These programs can do major damage to your computer and will sometimes make your computer unusable.

‌‌How do you know it’s a FakeAntiVirus?

If you suspect that the screen that popped up is a FakeAV, don’t click on anything. Sometimes just clicking on any of the buttons on the FakeAV screen will infect your computer. Close the program by using: the Ctrl+Alt+Delete keys to access the Task Manager; using Alt+F4 to close the window; or right mouse click on the browser in the Task Bar and select Close. Another option would be to turn off the computer.

Signs that it’s a FakeAV:

  • Look at the title bar at the top of the window. If the name of the program matches what you currently have installed on your computer, it might be legitimate. Alverno College uses Sophos Endpoint Security and Control as our anti-virus software.
  • If you were able to stop the “scan” by closing the internet browser window it is a FakeAV.
  • Become familiar with your anti-virus software so if a FakeAV does appear, you know the difference between the screens.

How do you get infected?

  • An email that directs you to an infected website. Beware of emails warning you that your account has been suspended.
  • From an online search where one of the results led you to a fake scanning page.
  • While you were trying to download a free movie that prompted you to download a codec in order to view the movie. That codec was probably a FakeAV installer.
  • By visiting a legitimate website that has been compromised by having malicious code inserted into their webpage.

What happens when you download a FakeAV to your computer?

When the FakeAV is done “scanning”, you will probably be told that there are multiple infections on your computer. Users will be directed to a website where they will be asked to enter a credit card number to activate or install the FakeAV software. Do Not EVER enter your credit card or PAYPAL information on a website unless YOU initiated the transaction.
The FakeAV software might:

  • Prevent your computer from running legitimate software such as anti-virus software or Task Manager
  • Install other types of malware that might steal passwords
  • Send spam messages from your email address
  • Corrupt your documents or hide them so that it appears as if your documents disappeared
  • Slow or crash your computer
  • Prevent you from getting on the Internet

After closing the window, run a full system scan using your anti-virus, anti-malware and anti-adware software.

How do you protect your computer from FakeAV?

There are no software packages that are 100% effective in protecting your computer from FakeAV. A combination of tools such as antivirus, spyware and malware tools will help protect your computer from FakeAV and other web threats. Make sure you do the following:

  • Keep your Windows operating system up-to-date with the latest service packs
  • Keep your browsers up-to-date with the latest patches
  • Enable your Windows Firewall
  • Check the settings in Internet Explorer and make sure security settings are set to at least medium-high. Also turn on your pop-up blocker.
  • Keep installed applications such as Adobe Acrobat, Flash and Java up-to-date. The easiest way to check if they are up-to-date is to go to http://mozilla.com/en-US/plugincheck/. Download and install the updates. However, be sure to read all the screens so that you are not installing any add-on software.
  • Everyone using your computer should have their own user account through windows and those accounts should not be set as administrator. Don’t use your administrator account to surf the Internet.
  • Never click on links from unknown sources
  • Never open unsolicited email attachments
  • Beware of popular “free” music and file sharing sites

What to do if your computer is infected with a FakeAV.

Unfortunately, there is no universal fix for removing a FakeAV from your computer. There are many variations with more versions being created. If you are not computer savvy, the services of an IT professional might be necessary. In addition to keeping your software and operating system up-to-date, it’s also a good idea to routinely back up your important data, just in case your computer needs to be reformatted.

Date Published: August 15 2012