"Have you ever had a window pop-up on your computer that said something along the lines of: Warning!!! Your computer contains various signs of viruses and malware programs. Your system requires immediate anti-virus check. Click to perform a quick and free scan of your PC' – You have? Well you're not alone," he said in his security blog.
Citing research carried out by Robert McArdle, a senior malware researcher with Trend Micro's research division, Ferguson says that, over the course of a year, a criminal gang generated more than $180 million from malware that infected their victims in at least 30 different countries worldwide.
"You would be forgiven for asking why people would pay for malicious software and the answer is of course, they had no idea it was malicious in the first place", he said.
"The gang creates very convincing looking fake security programs designed to fool the victim into believing that their computer is badly infected", he added.
These scareware programs, says the Trend Micro solutions architect, are then distributed by creating web pages designed to rank very highly in search engine results for popular current search terms or newsworthy events.
As soon as the malicious search result is clicked, a pop-up message like the one above appears and the infection chain begins.
Ferguson has posted a video of the scam in action on his blog.
"So now, you have given your credit card details to criminals, downloaded malware onto your PC and paid somewhere between $50 to $100 US dollars for the privilege", he explains.
The economics of the scam are interesting, as Ferguson says that, if a gang can redirect 100 000 searches and only 1% of them pay for the product, they net $50,000 for a day's work.
But it gets worse, as the ads that the hapless user sees are replaced by ones from the criminal gang's affiliates, who pay the gang a few cents every time the ad is replaced/viewed.
"Logs from one of the gang's servers showed about a million ads replaced per day, netting them another $25,000 per day, and this was only one of the gang's botnets", he said.