Scareware is malware that scares users with fake virus warnings to extort money or install other malicious software. Learn how scareware works, what are the telltale signs of a threat, and how to protect your computer and data from this type of cybercrime.
Scareware is malware that tricks users into visiting malware-infected sites. It can disguise itself as fake scanning programs or pop-ups that pretend to be official antivirus warnings. These messages say that the user’s computer is allegedly infected with viruses, causing people to panic and pay for a “fix”. In fact, it downloads malware that steals personal data.
Scammers also use spam to distribute such software. After opening such emails, victims often enter their details to purchase fake services, which can lead to the theft of personal information, including credit card details.
Scareware usually follows a pattern. Pop-ups unexpectedly inform you that dangerous files or even pornography have been detected on your computer and continue to appear until you click on the “remove threats” button or agree to install antivirus software. These fake messages look convincing, and due to the use of social engineering techniques, users are often pressured. Such pop-ups can:
Mimic the logos of legitimate antivirus programs and use similar-sounding names
Show a screenshot of the “infected” files on your computer
Display a progress bar that shows your computer is “scanning”
Contains flashing red images
Use CAPITAL letters and exclamation points with warnings to act quickly or immediately
This tactic is aimed at inciting feelings of panic and fear. They do this to encourage users to make irrational split-second decisions and trick them into:
Buying junk software
Downloading different types of malware or
Visiting websites that automatically download and install malware on your devices
Reliable antivirus vendors do not use scare tactics to collect information. The more intrusive and dramatic these notifications are, the more likely it is a scam. Cyber criminals often take advantage of the fact that many users do not know about it.
If you respond to the “I have a virus” pop-up and click Yes, Download, or Protect Now! while entering your credit card information, one of two things may happen:
The less harmful outcome is that you’ll lose some money and install junk software that won’t fix your computer, but won’t hurt your computer either.
A more damaging option is when fraudsters use your credit card and personal information to steal your money and commit identity theft. They may even hold the contents of your hard drive hostage until you pay them a ransom.
If you think you may have fallen victim to a fake virus scam, here are some things to look out for:
Numerous notifications or banners appear on your screen.Fake antivirus pop-ups – often with text in capital letters and exclamation marks – are designed to cause panic by warning you of an urgent security breach.
Reduced working capacity.A computer infected with malware tends to slow down, crash, and freeze. Malware is designed so that you can’t do anything about it.
Programs and features appear randomly.You may see a new desktop icon for an application you don’t recognize, or your browser may display new toolbars along with a new home page. This can lead to the download of even more rogue software.
Inability to access programs or files.For example, you may see unusual error messages or blocked paths.
You recently clicked on an online ad.Some banners may be malicious ads, that is, malicious ads. This is an ad with embedded code that downloads dangerous programs to your computer. Always search and verify product names, and don’t click on online ads you’re not sure about.
Common examples of deterrence programs include:
Scary websites or pop-ups with fake virus messages are one of the most common ways scareware spreads. Often, such windows are found on suspicious websites or advertisements, especially on social networks such as Facebook. The pop-up looks like a message from an antivirus program trying to convince the user that their device is infected. The goal is to get the user to click on a link to download a purported “fix,” which is actually a trojan horse that downloads malware.
Scaryware emails are another method where an attacker sends an urgent letter calling for immediate action. The email may look like a message from a well-known company, but contain a link to download malware or request access to the system.
Contacting tech support can also be a form of fraud, where an attacker calls and pretends to be a tech support representative or law enforcement, claiming “suspicious activity” on your computer. The goal is to trick the user into providing remote access to their device, allowing fraudsters to commit further crimes.
Many scare programs copy user interface elements from genuine anti-malware programs and use legitimate-sounding names.
Examples of fake antivirus and anti-malware solutions:
SpySheriff
ErrorSafe
Mac Defender
DriveCleaner
WinFixer
WinAntivirus
A terrible example in the news involved an insurance agent in the US. In 2020, he lost over $2,000 to a terrible software scam that started on his computer and ended with a phone call. He paid the criminals directly to “fix” the problem on his computer, then paid a second amount when the criminals triggered a recurrence of the malware.
Shut down your computer and contact an IT professional: Someone who is IT savvy can connect your hard drive to another machine and scan it for malware without booting your operating system. This prevents malware from running and causing more problems.
Turn off your Internet connection: Turning off your Wi-Fi or router will help prevent malware from sending your data to attackers.
Change your passwords as soon as possible: Start with your main email account that has other services linked to it. Your bank accounts should also be a priority, especially if you believe your credit card information may have been compromised.
With the proliferation of scary apps for iOS and Android, it’s important to be careful across platforms and operating systems. Practicing cyber hygiene is the best way to prevent Google scams such as scareware, pop-ups and viruses. Here are some of the steps you can take:
Avoid clicking on suspicious pop-ups offering to download a solution to “fix” the problem.
Close suspicious pop-ups through Task Manager without clicking the Close or X buttons.
Update your browser to protect against fraudulent pop-ups and threats.
Turn on the pop-up blocker to avoid fake ads.
Test new software before buying, don’t download untested programs.
Use comprehensive cyber security tools: ad blockers, URL filters, and firewalls.
Always use reliable antivirus software to prevent and remove threats.