Using pirated software creates a one in three chance of downloading malware, according an IDC white paper on the subject commissioned by Microsoft.
The Dangerous World of Counterfeit and Pirated Software, commissioned as part of Microsoft's Play it Safe campaign, says the chances of encountering malicious code are high.
Even if the software itself does not include malware, it could be present on the websites or peer-to-peer networks from which it was taken and infect user PCs during the download.
In addition, when authentication codes are needed to activate the software they are often available on counterfeit sites that are infected. There are even instances where malware is delivered through normal channels.
"In other words, your chances of encountering malicious code in counterfeit software are high - whether you know it's counterfeit or not," IDC says.
It estimates that the direct costs to business of cleaning up malware will amount to $114 billion this year, and potential losses from data breaches could be close to $350 billion.
According to BSA The Software Alliance, 42 per cent of the software packages installed in PCs around the world in 2011 was pirated.
Criminal activity
David Finn, Associate General Counsel for Microsoft Cybercrime Centre, said in a blogpost on the report that it mirrors the findings of the company's own investigators.
"My team of investigators, analysts and attorneys (many of them former prosecutors and law enforcement officials) has been probing the dark world of software piracy for almost 15 years, and the detailed research from the IDC and our forensic experts mirrors what we have increasingly seen: software piracy often means nasty criminal activity and danger," he says.
Finn said that Microsoft's response is to urge buyers to play it safe, asking questions, investigating packaging that does not look right, and being cautious when prices look too good to be true.
He added that users who realise they have malware should go back to the dealers and if relevant report it to Microsoft.
The IDC report was based on lab tests on 353 websites and two surveys across 10 countries including the UK, one of 1,104 consumers and 973 business users, the other of 268 IT managers and chief information officers.
