LGroup1


Best Ways To Prevent Rogue Antivirus Infections, Outbreaks ...

What are the best ways to prevent the various Rogue Antivirus infections? Does removing local Admin rights for users completely solve the problem? Assuming the users have training but are still non-technical users, is it more difficult to get these infections when using Vista or Windows 7 compared to WinXP, where all installations run as the local user account? What are the other suggested best practices to avoid these types of infections?


TIA ...

EW
jhyiesla

The place to start is with user education. I am surprised, as ubiquitous as computers and the Internet are, that so many people are totally clueless about how to protect themselves. Guess it's a "never gonna happen to me" mentality.

Second, get a good anti-malware product. There are about as many opinions as to what that ought to be as there are people answering questions. Assuming you're in a work environment, develop a multi-tiered approach to protection. In our environment we have a hardware-based firewall, an IDS/IDP device, we filter our email and our web access, and run a corporate-level anti-malware product. And even with that, we still occasionally get hit. But as good as I think the protection is, I really believe that things have improved mostly because of user education.
LGroup1

ASKER

This particular site has everything that you mentioned (e.g. IDS/IPS, AV, anti-spyware, firewall, etc.), and also does User Training, but the Rogue Antivirus is apparently installed when users click on infected links during web browsing (i.e. SEO infections), and the IDS/IPS and other defenses do not effectively protect against that. The malware products are also in place, but have varying degrees of success against this constantly evolving (and difficult to thoroughly clean) piece of malware. So at this site they too only occasionally get hit (considering there are 100s of users), but when they do get hit it is often a difficult process to fix. I wanted to find out what measures others are (effectively) using to protect against these specific types of infections ...


EW
LGroup1

ASKER

Good info! Thank you everybody!