While surfing the Web in December, Keren Brophy got a message on her computer screen telling her to update her antivirus software.
The pop-up message looked similar to Windows security warnings she'd routinely received. She paid $49.99 for a program called Antivirus 2009 from a company calling itself Meyrocorp and thought she was safe.
A few days after she installed the software, Ms. Brophy's computer wouldn't boot up properly and soon was unusable; she noticed the desktop icon for the software she'd bought had disappeared.
She had to wipe her hard drive clean to get the computer working again. Hoping for a refund, she sent an e-mail to Meyrocorp but got only automated replies.
"I never got a dime back from them," says Ms. Brophy, a 37-year-old restaurant hostess from North Port, Fla.
Meyrocorp couldn't be located for comment.
What started out as a small-scale racket to defraud computer users is becoming big business. Rogue antivirus programs — also known as "scareware" — had a banner year in 2008.
A recent report published by Microsoft Corp. found that scareware infections increased 48 percent in the second half of 2008 compared with the previous six months, hitting nearly 8 million.
One program turned up on 4.4 million unique computers, a 66.6 percent increase over the first half of the year, according to the report.
The Anti-Phishing Working Group, an industry association, said the number of scareware programs more than tripled from July to December 2008, to hit 9,287. Experts expect attacks by scareware purveyors to climb higher this year.
"The reason is because they are making an awful lot of money," says Dave Marcus, director of security research and communications at McAfee Inc.'s McAfee Avert Labs.