Fake anti-virus software that infect PCs with malicious code are a growing threat, according to a study by Google.
Its analysis of 240m web pages over 13 months showed that fake anti-virus programs accounted for 15% of all malicious software.
Scammers trick people into downloading programs by convincing them that their PC is infected with a virus.
Once installed, the software may steal data or force people to make a payment to register the fake product.
"Surprisingly, many users fall victim to these attacks and pay to register the fake [anti-virus software]," the study said.
"To add insult to injury, Fake anti-viruses often are bundled with other malware, which remains on a victim’s computer regardless of whether a payment is made."
The study, which was presented at the Usenix Workshop on Large-Scale Exploits and Emergent Threats in California, analysed websites between January 2009 and February 2010.
It discovered more than 11,000 web domains involved in its distribution of fake anti-virus.
More than half of the fake software was delivered via adverts, Google said.
Graham Cluley of security firm Sophos, who was not involved in the study, said that one of the key ways that hackers spread fake anti-virus was so-called black hat search engine optimisation techniques.
"The hackers track trending news stories – such as the death of Michael Jackson," he said.
"They then create websites stuffed with content, which in many cases can appear on the first page of search results."
Anyone clicking on the link, he said, would be confronted with a pop-up with a link to fake anti-virus software.
Google uses tools to filter out booby-trapped websites, but the firm said that hackers were managing to avoid detection by moving between domains quickly.
Mr Cluley said that people should be familiar with their own anti-virus software and should "always be suspicious" if they were confronted with a pop-up telling them you need to download something extra or spend money to clean up a computer.
"If you already have anti-virus installed you shouldn’t need to do that," he said.