IDEAS home Printed from https://ideas.repec.org/p/cdl/ucsbec/qt7p07k0zr.html
   My bibliography  Save this paper

The Underground Economy of Fake Antivirus Software

Author

Listed:
  • Steigerwald, Douglas
  • Vigna, Giovanni
  • Kruegel, Christopher
  • Kemmerer, Richard
  • Abman, Ryan
  • Stone-Gross, Brett

Abstract

Fake antivirus (AV) programs have been utilized to defraud millions ofcomputer users into paying as much as one hundred dollars for a phony softwarelicense. As a result, fake AV software has evolved into one of the most lucrativecriminal operations on the Internet. In this paper, we examine the operations of threelarge-scale fake AV businesses, lasting from three months to more than two years.More precisely, we present the results of our analysis on a trove of data obtainedfrom several backend servers that the cybercriminals used to drive their scam operations.Our investigations reveal that these three fake AV businesses had earned acombined revenue of more than $130 million dollars. A particular focus of our analysisis on the financial and economic aspects of the scam, which involves legitimatecredit card networks as well as more dubious payment processors. In particular, wepresent an economic model that demonstrates that fake AV companies are activelymonitoring the refunds (chargebacks) that customers demand from their credit cardproviders. When the number of chargebacks increases in a short interval, the fakeAV companies react to customer complaints by granting more refunds. This lowersthe rate of chargebacks and ensures that a fake AV company can stay in businessfor a longer period of time. However, this behavior also leads to unusual patternsin chargebacks, which can potentially be leveraged by vigilant payment processorsand credit card companies to identify and ban fraudulent firms.

Suggested Citation

  • Steigerwald, Douglas & Vigna, Giovanni & Kruegel, Christopher & Kemmerer, Richard & Abman, Ryan & Stone-Gross, Brett, 2011. "The Underground Economy of Fake Antivirus Software," University of California at Santa Barbara, Economics Working Paper Series qt7p07k0zr, Department of Economics, UC Santa Barbara.
    • Handle: RePEc:cdl:ucsbec:qt7p07k0zr
    as

    Download full text from publisher

    File URL: https://www.escholarship.org/uc/item/7p07k0zr.pdf;origin=repeccitec
    Download Restriction: no
    ---><---

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. Sood, Aditya K. & Enbody, Richard J., 2013. "Crimeware-as-a-serviceā€”A survey of commoditized crimeware in the underground market," International Journal of Critical Infrastructure Protection, Elsevier, vol. 6(1), pages 28-38.

    More about this item

    Keywords

    Social and Behavioral Sciences; cheating; computer security; fraud detection;
    All these keywords.

    NEP fields

    This paper has been announced in the following NEP Reports:

    Statistics

    Access and download statistics

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:cdl:ucsbec:qt7p07k0zr. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    We have no bibliographic references for this item. You can help adding them by using this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Lisa Schiff (email available below). General contact details of provider: https://edirc.repec.org/data/educsus.html .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.