NeoN tried to steal from the crooks, said Stewart, but was blocked. Soon after that, however, Bakasoftware's administrator, a user pegged only as "kreb," changed members' access passwords.

Bogus anti-virus programs are not a new criminal tactic, but using them to collect money from naive users has been on a major upswing. The increase, in turn, has prompted reactions from some technology companies. , for instance, joined the attorney general of Washington state to file several lawsuits against suspected scareware distributors.

"This is a huge moneymaker in the underground," Stewart said. "It carries little risk, because they're not out and out stealing credit cards or bank account details. So even if law enforcement finds out about them, they're not going to be first on the list."

The crooks also have a tenuous deniability, said Stewart, since his analysis of Antivirus XP showed that it did, in fact, detect a very small number of threats. "They have some plausible deniability," he argued. "They could just say they didn't know that the program sucked so badly."

Useless security programs like Antivirus XP rely on their near-constant blizzard of pop-up warnings -- all faked -- to irritate or worry users enough to pay for the software. Only after paying for the program, then registering it, do the pop-ups stop.