Back in June, in my "Busted! FBI nails notorious scamware artists" post, I wrote about the FBI's efforts to bring indictments against three companies who used scare tactics to strong-arm PC users into buying rogue antimalware products.
You know the come-on: "Global Virus Alert! Whizmo Free removed 317 viruses from your computer, but there are 48 additional newly identified threats that steal banking passwords and financial account data. Whizmo Free provides basic protection, but these new threats require additional security." Ominous buttons allow you to "See threat details" or "Get protection."
Check Point Software Technologies, purveyor of the popular ZoneAlarm Internet Security Suite, has copied a chilling page from the scum it claims to fight. Hundreds of ZoneAlarm customers report that they've been presented with a warning dialog that claims, "Global Virus Alert / Your PC may be in danger!... Threat Name: ZeuS.Zbot.aoaq ... is a new Trojan virus that steals banking passwords and financial account data. Your ZoneAlarm Free Firewall provides basic protection, but this new threat requires additional security."
In a nice extra touch, the warning dialog sports just two buttons: "See threat details" and "Get protection."
Make no mistake about it: ZeuS.Zbot is a very real threat. It's just that -- uh oh -- Check Point's product didn't actually find ZeuS.Zbot on the flagged machine. It's just warning you that you might have ZeuS.Zbot at some point in the future, and that you need to pony up to the bar and pay for protection in case ZeuS should ever darken your door and start tossing bank account information through your compromised firewall. See the difference?