The Underground Economy of Fake Antivirus Software
Fake antivirus (AV) programs have been utilized to defraud millions ofcomputer users into paying as much as one hundred dollars for a phony softwarelicense. As a result, fake AV software has evolved into one of the most lucrativecriminal operations on the Internet. In this paper, we examine the operations of threelarge-scale fake AV businesses, lasting from three months to more than two years.More precisely, we present the results of our analysis on a trove of data obtainedfrom several backend servers that the cybercriminals used to drive their scam operations.Our investigations reveal that these three fake AV businesses had earned acombined revenue of more than $130 million dollars. A particular focus of our analysisis on the financial and economic aspects of the scam, which involves legitimatecredit card networks as well as more dubious payment processors. In particular, wepresent an economic model that demonstrates that fake AV companies are activelymonitoring the refunds (chargebacks) that customers demand from their credit cardproviders. When the number of chargebacks increases in a short interval, the fakeAV companies react to customer complaints by granting more refunds. This lowersthe rate of chargebacks and ensures that a fake AV company can stay in businessfor a longer period of time. However, this behavior also leads to unusual patternsin chargebacks, which can potentially be leveraged by vigilant payment processorsand credit card companies to identify and ban fraudulent firms.
|Date of creation:||01 Jun 2011|
|Date of revision:|
|Contact details of provider:|| Postal: 2127 North Hall, Santa Barbara, CA 93106-9210|
Phone: (805) 893-3670
Fax: (805) 893-8830
Web page: http://www.escholarship.org/repec/ucsbecon_dwp/
More information through EDIRC
When requesting a correction, please mention this item's handle: RePEc:cdl:ucsbec:qt7p07k0zr. See general information about how to correct material in RePEc.
For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: (Lisa Schiff)
If references are entirely missing, you can add them using this form.