For so long, I have been reading these forums, which to the best of my knowledge is for corporate users in small, medium, large and enterprise environments. I say this because I have seen threads where people are being told to post in "home user sections of the boards". Also, as far as I know, is for troubleshooting issues related to SEP and SEPM.
Furthermore, these "threats" such as Fake AV and so on, have to be installed in order for the system to be infected. Installed as part of a package from a website or some package that an "end user" wants to have or thinks he or she may need.
Short of certain "mobile users", I don't understand how corporate administrators today, be it a lone IT guy or an entire department, still allows end-users, corporate end-users at that, to have free access on the internet- to download and/or upload all that they will and please. Moreso than that, allowing those same end-users to have the 'rights' granted them to install these applications, bundles, packages at their own will...
Granted, some legitimate websites today do get 'hacked' 'cracked' or become victims of fly-by malware and continue to spread that infection along, but nearly all corporate AV/AS software should catch it.
That a user, can go home and download an application, burn it to a CD, e-mail it to himself/herself or even put it in on a USB key to than bring it into the coporate environment and infect his/her own machine- spreading the malware/spyware/virus further into the coporate chain and causing more damage than good is completely baffling to me. The time spent cleaning the machines and removing wipe spread or fast moving Viruses, which were brought there by a user, should not be. Worse than that, the administrators that allowed the threat to be brought in is even more appauling.
Dissapointed. People constantly say that SEP couldn't detect this or that, well really I am dissapointed in the quantity of administrators that allow this to happen. End-users don't get the impact of what they do, because to them, a home PC is not usually a big deal to format and re-install. Pictures saved on an external drive and the applications "they can always download again". The time and the cost of rebuilding a machine from scratch, dumping an image, recovering sensitive materials... All that time, ressource and budget being wasted, which could have served so many better causes.
I am not saying any and all systems are impervious, and the latest Blaster worm or Code Red or Voondo or whatever is lurking around the corner and some of us will eventually get hit. But why expose yourself to all the harm out there?
Dissapointed? Yes! But not in Symantec or Kapersky or McAfee or CA or any other vendor. The dissapointment comes from how many people allow their companies to get infedted, time and time again. AV is not your only line of defense.
That's my 2 cents. Sorry about the rant...