I've had a lot of employees lately come to me with issues on their home PCs where they have had Fake Alert/Rogue viruses. I was planning on sending out a warning to users explaining to them that these are actually viruses. I was also planning on informing them that in order to help prevent occurrences like this they should be sure to have an antivirus w ith an up-to-date subscription. I'd also recommend if they don't have a subscription to download MSE or another free antivirus.
However, I wasn't sure exactly how to instruct them to differentiate between a legitimate windows or antivirus alert and one from a fakealert program. Does anybody have any suggestions?
UPDATE
This is the message I ended up sending. I figured I should probably stay away from even mentioning their personal computers.. mostly to avoid requests to fix them. However, by sending this message, they will at least be slightly more aware of fake alert viruses out there.
Over the last year, there have been an increasing number of computer viruses spreading that actually pretend to be antivirus software. These viruses very closely mimic legitimate windows and mac software, so it can be hard to tell whether or not virus warnings that appear on your screen are legitimate or not.
While we do have virus protection on company computers, it is still possible to get a virus by simply visiting a website… even reputable ones. If you ever have a popup that tells you that you have multiple viruses and that you need to scan your computer immediately (or do anything else), please shutdown your computer by holding down the power button until the screen turns black and contact the IT staff immediately. If you aren’t sure whether a message is genuine or not, please contact us immediately as well.
Below are some images of some of the more popular “fake alert” viruses out there.
You really can't. Users don't care enough to delve into the topic of viruses, trojans, malware, etc...
The best you can do is have them run an up-to-date AV (AVG, MSE, etc.) along with a couple tools (with updates applied frequently) of anti-malware programs like Spybot Search and Destroy and AdAware.
Warn them also that multiple AV installed don't play nicely.
Last, be careful how far you go in playing sysadmin to home user system. You may end up taking responsibility for their home computer issues, and if you're not making it clear that this isn't pro-bono work you may be held responsible for fixes and updates (and BROKEN SOFTWARE PROBLEMS) that you and your advice may have had absolutely no connection to, but to the users...it's all "computer stuff", they did what you said to do, so it's your fault.
Trying to be the nice guy has backfired on people I know more than once...so be careful to qualify your advice with disclaimers.
I'd otherwise just tell them to keep scanning their system and keep anti-malware up to day, and whenever something pops up (or do it once a week) run the manual checks with spybot/adaware in addition to the on-access antivirus. NO ANTIVIRUS WORKS 100%. They need to know that.
Harsh answer possibly but I would stay well clear of making any recommendations to your professional users about what they do with their computers or IT at home.
The reason is that people often don't care about work systems but care a hell of a lot about things they've spent their own money on - if they perceive you've somehow given them 'bad information' it will affect their professional opinion of you - yet they won't appreciate it when you do give them good advice.
It's an easy thing to dodge too, just state that the company uses pro-quality software that you wouldn't recommend for home use and that they're better speaking to someone at a consumer IT store for advice.
Like I say, harsh answer but why risk all your good work to give someone free advice they could get elsewhere.
Trend Micro has a pretty good writeup (Trend Micro) as well as the Internet Crime Compaint Center (IC3). This should give you a good start.
However, the problem I have faced with attempting to do exactly what you are is giving enough information to be descriptive without giving so much that people's eyes just glaze over.
With so many possible configurations of AV's and PC's out there, you can never cover all the ways to differentiate between the two types of windows. Do the best you can to make it "human readable" and please post back what you might have decided. It can only help others in your situation.
Your greatest asset in fighting malware is your users! They're the weakest link but also the strongest defense - you just need to configure them properly! ^^
Arrange seminars for them, preferably with some skilled speaker who specialises in this area (ok I might have been lucky finding such niched speakers who were also very fun to hear/watch and could step way down to the right level to get normal non-IT people's attention for a half-day)... or hold them yourself.
Go through some basic malware and fake virus warnings and educate the users in how to keep their computers a bit safer. Combine this with a walk-through of the company IT structure and policies to help get funding and also show what a complex thing it is and what can go wrong and why.
Also point out the differences between home computers and the machines on the company network - and how this applies to security (ie security policies must be followed and why but also that a lot of things are handled by IT so the users doesn't have to worry as much at work and of course that you can not be held responsible for their home systems).
Generally educating the users in IT security is to me a pretty basic necessity to help evade malware and discover targeted attacks and attempts at social engineering.
There's a pretty good presentation by Jesper Johansson called Anatomy of a hack 2008 that should give a lot of ideas in this exact regard as it deals with the infamous Antivirus 2008 varieties (or could be used in its own depending on the IT maturity of your users but it's aimed at IT Pros).
Teach them a bit that will be helpful at home as well and they'll most likely stay a bit more alert at work too. Obviously write off any responsibility for their home environment but help them get a clue and they'll help you. Help them identify what could substitute home support for them as well, like how to figure out where to go when in trouble (which shouldn't be "to the company IT staff" ;)
Make it a mandatory and reoccuring "class" to catch new users and remind old ones of the company's IT security policies, general structure, how to file support tickets and this added spice of teaching about malware for both work and home use with the latest updates in the area. I used to do this for a small non-IT company with ~150 users and it was generally well-received for a few years before I moved on. They especially enjoyed getting to ask all sorts of questions about their IT environment at large in a class-room-like set and getting answers on the spot. Oh and never forget the morning coffee.
Your best bet is to recommend a specific home antivirus (AVG is my personal preference) then show them screen shots of a valid virus warning (i.e. download a virus from online and do a screen print).
As stated by others, I avoid giving direct advice. But you can give general advice yet let someone else do the heavy lifting i.e. redirect staff to magazine or websites articles.
such as this article about fake antivirus at PCWorld. Or this article on security software
You've helped people by giving relevant information but not told them to buy a specific product.
On rare occasions, and only when I believe the threat is severe enough to warrant it, I'll issue a warning but will keep it as general as possible. By all means advise the users to have proper AV protection but never make a recommendation. If they ask what to use I'll direct them to Google. If you recommend anything they will hold you responsible for whatever happens. While that carries no weight, none of us need the problems brought about by the animosity this can create. Been there, done that, learned the lesson!