Journal of Information Processing
Online ISSN : 1882-6652
ISSN-L : 1882-6652
Understanding the Fake Removal Information Advertisement Sites
Takashi KoideDaiki ChibaMitsuaki AkiyamaKatsunari YoshiokaTsutomu Matsumoto
Author information

2021 Volume 29 Pages 392-405


Fake antivirus (AV) software is a type of malware that disguises as legitimate antivirus software and causes harm to users and their devices. Fake removal information advertisement (FRAD) sites, which introduce fake removal information for cyber threats, have emerged as platforms for distributing fake AV software. Although FRAD sites seriously threaten users who have been suffering from cyber threats and need information for removing them, little attention has been given to revealing these sites. In this paper, we propose a system to automatically crawl the web and identify FRAD sites. To shed light on the pervasiveness of this type of attack, we performed a comprehensive analysis of both passively and actively collected data. Our system collected 2, 913 FRAD sites in 31 languages, which have 73.5 million visits per month in total. We show that FRAD sites occupy search results when users search for cyber threats, thus preventing the users from obtaining the correct information.

Content from these authors
© 2021 by the Information Processing Society of Japan
Previous article Next article