Finally, the authorities are getting tough with the sellers of bogus security software, a phenomenon known as ‘scareware'.

Several companies are now being <a href="" target="_blank">chased down by the US Federal Trade Commission</a> (FTC) for a scam that is believed to have netted millions. But here's the real news that few will care to look closely at - whole sections of the legitimate Internet industry have made this whole thing possible.

A definition of terms: ‘scareware' or ‘scamware' are supposed anti-malware programs that find threats on a user's PC after a ‘free' scan. The licence to clean up the non-existent mess costs, of course.

They've been around for years, and many of them make their living in the US, supposedly the one country in the world that gets tough on fraudsters and ahs lawyers a plenty to pursue wrong-doers. Except that they haven't been. The authorities have ben amazingly slow to act despite a long history of this snake oil software.

Embarrassingly, legitimate bits of the Net have inadvertently helped fuel this in recent times, starting with Google's Trends search for identifying popular search topics from day to day. Scammers just work out which issues are the hot ones on Google, then set up fake blogs (on say Windows Live Spaces) that lead straight to fakeware sites that make all sorts of bogus claims about ‘viruses found' (<a href="" target="_blank">see Marshal8e6 blog</a>).

These ads can even be embedded on otherwise legitimate websites belonging to large publishing companies, which adds to the likelihood that users will trust them.

Another variation on this scam, is the old search manipulation where users look for ‘free anti-virus' (as they might if the suspected they had an infection) and get a Trojan that plagues them with requests to buy a fake program. Scammers have even taken to <a href="" target="_blank"> passing their Trojans off as well-known AV programs</a>.

None of this is helped by the marketing tactics of some anti-virus vendors, who use such searches to push their wares. Typically, this involves running a scan that finds an infections (legitimately, but I have personal knowledge of mis-identification and exaggeration of old files form an extinct infection being played up as a current concern), followed by a demand for $29.95 to sort the problem out.