SiS Logo

My Digital Identity

Sharp Perspectives on Identity, Security, and Privacy

Best Free Anti-Virus Utilities

I was just asked recently what my recommendations are for best free anti-malware software. I checked my previous recommendations and was shocked that they were made 10 years ago. My how time flies but thankfully sometimes recommendations can stand the test of time.

PCMag just made a new set of recommendations (March 1 2016) for free Anti-virus protection software

I have had good experiences with AVG, Panda, and Checkpoint. My experience with Checkpoint is with their ZoneAlarm firewall which works well but has a lot of ads. Good to see that AVG and Panda are still top rated and in business after all these years.

Consumer Affairs also has a fairly detailed roundup of anti-virus product reviews which could be useful to consult if you want to include commercial software at various prices.

Flashback Trojan Mac Malware

Although Mac malware is almost non-existent, that is no reason to become complacent and think the Mac is completely immune. A trojan named Flashback with several variants that supports remote control of a Mac has infected over 600,000 Macs by exploiting a vulnerability in Java. It can be activated by inadvertently visiting certain web sites that then trigger what looks like a Flash software update.

To be safe you should do 2 things:
1. Download and install the Mac system update for Java to protect against any future infections by this trojan
2. Enter at least a couple of terminal commands to determine if you have already been infected.

This TidBITS link provides the default read terminal commands to detect the infection and instructions for its removal if you have already been affected. Note that this trojan works in stealth mode so you might not see any symptoms even if you are infected. Do the tests just for peace of mind that your computer isn’t part of a botnet.

Beware of Comantra Scam

If you get a call from a stranger who tells you that they know you have computer problems that can be solved by following their directions to allow remote access don’t be fooled. Either hang up right away or collect information about the caller and report them. For example, in our area we reported this to CJOH news, the RCMP, and local police.

I got a phone call myself the other day just like a lot of other people. I am hearing about this new scam a lot recently. A company called Comantra calls to tell you that according to their database your computer is infected with malware/virus software and they need to fix it right away or really bad things are going to happen to your computer.

The caller who has an Indian accent explains that their company is a Microsoft certified Gold partner and through this association they know you have problems with your computer that they can fix if you will just follow their instructions. I had heard of this scam previously but I was still surprised to get called because my previous experience was that these types of scams were done through the Internet rather than from cold calling. The guy was really patient as I asked him a lot of questions while I tried to find out more about this scam. He kept referring back to his script about their trustworthiness because they are a Microsoft gold partner. He even provided me with a link to the Comantra web site

As you can see the Web of Trust plugin provides a warning about the trustworthiness of this site. In addition to Comantra’s initial lie that they had an online database full of records on the problems with my Windows computer, I had more reasons to be suspicious because my main computers run Mac OSX. I had been told a horror story about this remote support scam by someone else who’s father had been tricked into paying $200.

The extent of this scam is widespread and serious. This company and others like it have been calling people in the US, UK, and Canada from Kolkata India. I suspect they are using VoIP because previously lengthy long distance calls would have been too expensive to spend long periods of time convincing people to provide access to their computer. The Microsoft Trustworthy Computing Team conducted a survey of 7,000 people, and found that more than 1,000 people had received calls. Of those 1,000 people, 22 percent of people fell for the scam (234 people total), and 184 of those lost money – on average, more than $800.

Microsoft has known about this fraud scheme for 18 months and warned against it when contacted but only in September 2011 have they removed their association with Comantra. Comantra has taken down their Microsoft partner logo but they still include logos from McAfee and Symantec. There really is no excuse for these large corporations lending credibility to this type of company through the use of their logo as a Google search turns up many articles on this scam.

If you want to learn more check out the following articles:

Dealing with the fake tech support scam

Are you on a call with “tech support” from comantra, unifyinfocom, supportonclick, thenerdsupport, securesecurityinfotech, thesupportonline, go4isecure, thesparksupport, winpctech, compstep, ordinateurassist, advpccare, techisonline, techonsupport, fixonclick, Log4Rescue, PCTechnosupport, onlinepccare, teamviewer or pccare while reading this?

Digitaltoast has recordings of fraud calls and 1784 comments from people affected.

Microsoft Answers with links on the history of this type of fraud

Microsoft dumps Gold status partner Comantra over tech support phone scams

This article is interesting in that it includes a comment from Rajesh Bajaj that Comantra is a reputable company and the scam is that its reputation is being trashed by competitors

Reaction of a Linux user to Comantra persistence

Power of Free comes to Cloud Antivirus

I have written about the free business model and anti-malware before but now the two are coming together in a cloud service.

Panda Cloud Antivirus hits Internet for free

(Via USA Today.)

I have had good success using Panda before with particularly nasty malware so this new service is worth checking out.

Technology Review has a summary of recent activity in the cloud anti-virus market.

Messagelabs, now part of Symantec, with a wide range of cloud security services for the business market started this managed cloud anti-malware services trend now being adopted in the consumer market.