What is a Scareware Attack, and How Does it Work?

You may or may not have heard about shareware attacks, but if you fall prey to this ruthless tactic, you may end up with serious security, privacy, and identity theft problems.  

What is a Scareware Attack?

A scareware attack involves the use of social engineering tactics to trick and scare you into clicking a clink, which then infects your computer with malware. The most common scareware attacks pop up messages on your computer or browser informing you that your computer has a virus or has been infected, and you must click the link to fix it. 

Sometimes the ads try to “sell” you a piece of antivirus software (which is bogus), and most often, your computer doesn’t even have any viruses. It is all a ruse. If you do hand over credit card details, you may end up the victim of fraud as well. 

These pop-up messages often imitate Windows pop-up boxes to look legitimate. However, Windows does not inform you of viruses or try to sell you the fix. The scarier versions don’t even allow you to close the box; if you click Cancel or hit the X button in the top corner, it will take you to the malicious website downloading automatically. The “fix” it promises is malware meant to spy on your activities, steal your information, or take over your computer.

In October 2008, Microsoft and the Washington Attorney General sued two companies (Branch Software and Alpha Red) for scareware called “Registry Cleaner XP.” Then in December 2008, the Federal Trade Commission took out a restraining order on two additional companies (U.S. Innovative Marketing Inc., and ByteHosting) for their scareware products: DriveCleaner, WinAntivirus, ErrorSafe, WinFixer and XP Antivirus. 

Some additional scareware programs to watch out for are: 

• Total Secure 2009.
• AdwarePunisher.
• SpySheriff.

How Does Scareware Work?

Unfortunately, thieves have made millions off of scareware, and because they prey on people’s lack of knowledge and fear, new victims fall for this tactic every day. 

Once you click a link to “fix” your computer, malware may be installed in the background. This malware could be capable of recording keystrokes and stealing your logins (usernames/passwords), credit card and bank details, and more. In some cases, the malware is ransomware, and the hacker may take complete control of your computer, encrypting all your data and locking you out until you pay the ransom. 

How to Identify an Ad as Scareware

Thankfully, there are some telltale signs that can help you from becoming a victim of this scam. Look out for the items below:

• Grammatical errors - Often, scammers are from other countries where English is not their native language, and the messaging may be full of grammatical, punctuation, and spelling errors. 
• Phone number - If the pop-up ad urges you to call a phone number, this is a big tip-off that it’s a scam. They simply want to get you on the phone and grab your credit card details to buy their fake fix. 
• Payment method - If they ask you to pay for the software with prepaid gift cards or a wire transfer, or even bitcoin, hang up. It’s a scam. 
• Warn without scan - You see a pop-up that your computer is infected, but you haven’t even initiated a scan using any software. That is another sign that it’s a scam.
• Urgent messaging - Usually, scammers use scary and urgent wording to get you to click. If the message seems frightening or mentions dozens of infections, calm down, and close the ad. It’s not real. 
• Hard to close - If there is no clear way to close the ad, reboot your computer either by holding down the power button or using CTRL+ALT+DEL on a Windows machine.
• Fishy name - Typically, scareware antivirus “software” has very odd names like SpyWiper, Advanced Cleaner, and things like UltimateCleaner. These are fake. 

How to Stay Safe From Scareware Tactics

Although you may not be able to avoid coming across one of these pop-ups as you browse the internet, you can take steps to ensure your safety. 

• Never click the “download” or “fix” button on one of these ads. If you can’t close it without it taking you to a URL, reboot your computer and do not visit the site you found it on. Install legitimate antivirus software and do a deep scan of your machine before doing anything else.
• Never provide credit card information either online or over the phone for one of these programs.
• Do not be frightened. These ads lie to get you to download malware.
• Keep your browser and operating system updated with the latest patches.
• Turn on pop-up blocking.
• Install good antivirus software to keep you protected at all times. Run deep scans often. 

Use common sense. Even if you see something scary, stop and investigate it first before taking any action that could lead to more trouble.