The rouge AV companies, like Anti-VirusXP and 360, use pop-up messages and fraudulent websites to trick people into paying for security they do not need.
These companies go to great lengths to emulate the Windows security application and popular Norton products. Unsuspecting users then download the full malware and are led to believe they need to pay to get rid of malware they do not have (other than the fake anti-virus app). In most cases once the consumer gives their credit card information it is passed on to others for identity theft. In some they simply take the money and leave the user with an infected system.
Read more here.
There was a significant increase in rogue security software, which falsely informs people they need to buy security software and instead either does nothing or steals personal information, the Microsoft Security Intelligence Report found.
Two rogue malware families--Win32/FakeXPA and Win32/FakeSecSen-- were detected on more than 1.5 million computers, pushing them into the list of top 10 threats in the second half of 2008. One rogue application, dubbed Win32/Renos, was found on 4.4 million computers, showing growth of nearly 70 percent over the first half of the year, according to the report issued twice a year.
Microsoft and the Attorney General's office in Washington state filed a handful of lawsuits against alleged scareware companies last year.