The Underground Economy of Fake Antivirus Software
Fake antivirus (AV) programs have been utilized to defraud millions ofcomputer users into paying as much as one hundred dollars for a phony softwarelicense. As a result, fake AV software has evolved into one of the most lucrativecriminal operations on the Internet. In this paper, we examine the operations of threelarge-scale fake AV businesses, lasting from three months to more than two years.More precisely, we present the results of our analysis on a trove of data obtainedfrom several backend servers that the cybercriminals used to drive their scam operations.Our investigations reveal that these three fake AV businesses had earned acombined revenue of more than $130 million dollars. A particular focus of our analysisis on the financial and economic aspects of the scam, which involves legitimatecredit card networks as well as more dubious payment processors. In particular, wepresent an economic model that demonstrates that fake AV companies are activelymonitoring the refunds (chargebacks) that customers demand from their credit cardproviders. When the number of chargebacks increases in a short interval, the fakeAV companies react to customer complaints by granting more refunds. This lowersthe rate of chargebacks and ensures that a fake AV company can stay in businessfor a longer period of time. However, this behavior also leads to unusual patternsin chargebacks, which can potentially be leveraged by vigilant payment processorsand credit card companies to identify and ban fraudulent firms.
|Date of creation:||01 Jun 2011|
|Date of revision:|
|Contact details of provider:|| Postal: |
Phone: (805) 893-3670
Fax: (805) 893-8830
Web page: http://www.escholarship.org/repec/ucsbecon_dwp/
More information through EDIRC
When requesting a correction, please mention this item's handle: RePEc:cdl:ucsbec:qt7p07k0zr. See general information about how to correct material in RePEc.
For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: (Lisa Schiff)
If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.
If references are entirely missing, you can add them using this form.
If the full references list an item that is present in RePEc, but the system did not link to it, you can help with this form.
If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your profile, as there may be some citations waiting for confirmation.
Please note that corrections may take a couple of weeks to filter through the various RePEc services.