Rogue security software

Rogue security software is a type of program that pretends to detect and remove malware for a fee.

Rogues claim to scan for malware and then regularly show you fake detections and warnings. They tell you that you need to pay to register the software or remove the fake threats from your PC.

What is the purpose of a rogue?

Rogues have one purpose – to take your money. They tend to be obvious and intrusive. They rely on either:

  • Convincing you that their reported threats are real.
  • Being so annoying that you choose to pay the fee.

Rogue security software often copies the look and name of real security scanners, including Microsoft software.

How do rogues work?

Rogues try to scare you into paying a fee, in the hope that the rogue will clean your PC. They need to convince you to pay a fee to be successful.

They usually target you with a lot of deceptive messages coming from their fake software, websites and messages.

Here’s what might happen if you have a rogue on your computer:

  • You see a scanner on your screen, pretending to scan your computer- it might appear as you browse the Internet or you might have inadvertently downloaded it.
  • After the scan is complete you are shown a large number of malware infections that were supposedly found on your PC.
  • You keep seeing warnings about these supposed malware infections in messages and alerts popping up on your desktop or coming from the taskbar.
  • The rogue stops you form launching other programs and instead shows you an alert that the program is also infected. Trying to download updates or tools from legitimate security sites might have the same result.
  • Rogues usually target system security and firewall applications. They try to shut them down and modify their registry entries to make it extremely difficult to remove the fake scanner from your PC.

The following is an example of a fake results screen used by a rogue:

Rogue showing a fake antivirus scan result
Rogue showing a fake antivirus scan result

How do rogues get onto my PC?

Rogues are installed in similar ways to other malware. They can be:

  • Downloaded and installed by other malware.
  • Installed by exploiting vulnerabilities in particular software.
  • Installed by social engineering (convincing you to download and install the rogue by pretending to be something useful or beneficial).

Usually rogues target people who speak English. Most reports of this type of malware come from the US.

Notable rogue malware families

Some of the most prevalent malware families are rogues. The following families are some of the more notable examples:

How do I protect myself against rogues?

The best way to avoid rogues is to prevent them from being installed in the first place.

Another way you can protect yourself is to be wary. Legitimate security companies won’t try to scare you into using their scanners.

What do I do if I can’t remove a rogue?

Don’t pay the fee they ask for – this could create further problems and expose you to further fraud or identity theft.

The following article can help if you have already paid a fee, or you think you might have inadvertently given away sensitive personal information:

If you have problems getting rid of a rogue the following might help:

Latest news