A Google study on Internet security found cybercriminals are increasingly turning to social engineering to get malware on computers rather than exploiting security holes in software. The search engine found that fake anti-virus malware now represents 15 percent of all malware that Google detects on websites, a fivefold increase from when the company first started its analysis.
Fake antivirus--false pop-up warnings designed to scare money out of computer users--represents 15 percent of all malware that Google detects on Web sites, according to 13-month analysis the company conducted between January 2009 and February 2010.
That's a five-fold increase from when the company first started its analysis, Niels Provos, a principal software engineer at Google, said in an interview.
Meanwhile, fake antivirus scams represent half of all malware delivered via advertisements, which is becoming a problem for high-profile sites that rely on their advertisers and ad networks to distribute clean ads.
Google analyzed 240 million Web pages and uncovered more than 11,000 domains involved in fake antivirus distribution for the study, which Google is set to unveil at the Usenix Workshop on Large-Scale Exploits and Emergent Threats Tuesday in San Jose, Calif.