Beware of Scareware

scareware - intended to scare you

Scareware is a form of Malware, or Malicious Software and is meant to frighten the recipient into doing something such as installing software or clicking a phishing link.

Scareware is a malware tactic that manipulates users into believing they need to download or buy malicious, sometimes useless, software. Most often initiated using a pop-up ad, scareware uses social engineering to take advantage of a user’s fear, coaxing them into installing fake anti-virus software. Scareware goals can vary from redirecting you to a site to enter your details also known as phishing to the installation of damaging malware.

Scareware has been known to convince users to download ransomware, a form of malware that holds the user’s data hostage in exchange for a pay-out.

Some of the most common scareware attacks take the form of pop-up windows that pretend to be messages from an antivirus program, a firewall application or from your Windows operating system. They will typically inform you that your computer has been infected with malware and ask you to purchase an antimalware program to remove the virus.

An example of this tactic in action was the case of Office Depot and its tech support vendor, Support.com who deceived customers into downloading a free “PC Health Check Program.” The health check program was used to sell diagnostic and repair services customers often did not need. They were fined $35 million dollars by the FTC in 2019.

What can you do if you fall victim?

Once you’ve identified that you’re under a scareware attack, don’t use the “X” or “Close” buttons to close the window, as this may trigger malware to be downloaded to your computer. Instead, close your browser by pressing Ctrl-Alt-Delete or right-clicking the window or tab and selecting “Close”.

Next, shut down your wireless router and disconnect your computer from the internet. Open your antivirus software and run a full scan to determine if there are any viruses present on your computer. Additionally, check the Quarantine folder in your antivirus program to see if it has discovered any malware before you started the scan. Once you’ve used your antivirus program to remove all the viruses, restart your computer and make sure that it is running normally. If it’s not, it might still be infected with a virus, so it’s better to get help from a professional.

Finally, it might be a good idea to contact your bank and let them know that you suspect a scareware attack on your computer to protect yourself from any disputes later and change any passwords to sensitive software such as your banking app and social media accounts on a different device that isn’t infected.

Still not sure how to protect yourself online?

Contact our team here and we can train you and your staff on how to spot this type of attack and many others, with our friendly expert advice.