I blogged about the three generations of the WiniGuard family of rogue security products that began in October of 2008. Friday, the 50th rogue in that line appeared. Analyst Patrick Jordan noted that there appeared to be a newly named clone added to the “genealogy” about every 48 hours. He’s been right.
Monday they found GuardPCS and today they found TheDefender. Its associated web site was registered Dec. 4.
Fraudulent operators behind the rogues seem to be doing two things to confuse Internet users and lure them into purchasing this worthless scare ware:
- “Borrowing” content from legitimate anti-virus company web sites, such as certifications and management team pages, for their own web pages.
- Distributing their rogues with different names and with redesigned graphic interfaces. They usually have web sites associated with the new name. They look like authentic security products, but, as the song said they “take the money and run.”
See our earlier blog entry about the WiniGuard family of rogues.