Despite the consistent media exposure that FAKEAV malware has been receiving, it continues to be business as usual for FAKEAV proponents. To find out why the notorious malware family persists, Trend Micro researchers looked into three important aspects—social engineering techniques, the FAKEAV technology, and the FAKEAV business itself.

Social Engineering

Social engineering is a technique used in furthering malicious activities both online and offline. Online, however, FAKEAV is a good example of a social engineering “success story.” By leveraging human weakness, FAKEAV effectively utilizes social engineering techniques such as blackhat search engine optimization (SEO) to trick users.

The Technology Behind FAKEAV

Behind the professional-looking GUIs, annoying pop-ups, and other scareware tactics FAKEAV uses lies a simple technology. It can thus be said that the FAKEAV technology is more tricky than complex. Despite the relative simplicity of the FAKEAV technology, however, it continues to plays a critical role in the success of FAKEAV’s social engineering tactics.

The FAKEAV Business

Of course, a malicious campaign is meaningless if it does not benefit its proponents. When it comes to the FAKEAV business, the stakes are high. Apart from taking away about US$40–100 from a user’s account as payment for rogue software, the more pressing concern with regard to FAKEAV is information theft.

Learn more about the persistent FAKEAV malware and its three fundamental aspects in the Security Spotlight article, “Why FAKEAV Persist.”