Most users these days are more aware of the threats we face in the digital world. Especially online! Yet, most people don’t really know much about how the technology they use every day works. This makes it easier for the creators of malware to convince people through the use of techno-babble and scary-sounding technological consequences.
Scareware is the explicit weaponization of this technological ignorance, and it can have devastating consequences. So let’s look at the forms that scareware can take.
What Is It?
Scareware is a type of attack meant to make users panic, thinking that something is seriously wrong with their computer, phone, or other online devices. Scareware can be an actual malware infection on your computer or phone, but it can also be as simple as a website popup meant to mimic an antivirus program popup. Some are simply banner adverts you’d find on disreputable sites.
The warnings from scareware are incessant until you click sort of “clean my system” or “remove threat.” If you do, you’re routed to a malicious website, which is where the problems really begin!
Why Is Scareware so Dangerous?
Apart from the problems that come from already having a piece of malware on your device, scareware can cost you money and time directly. Besides the fact that it’s a warning for a danger that doesn’t exist, complying with a scareware program’s requests can lead to the installation of more dangerous malware, the theft if your credit card details, and the theft of sensitive private information.
So it’s no joke. If you go ahead and spend your money on the scareware author’s fake “antivirus” software, you could be giving them the keys to the castle. At some future point in time, your keystroke records, screen captures, passwords, and more will simply be sent to the program author on a silver platter.
How to Spot It
Scareware works because it makes users think that something has gone seriously wrong with their system and that they have very little time to do anything about it. So they falsely believe that the only solution is to hand over money and personal information to cure a problem that the attacker created in the first place.
Scareware is pretty easy to spot. The web-based stuff originates from your browser through a web page. So if you close your browser, the warning goes away. If it originates from malware already on your system, it can look like a system popup. However, any system warning that tells you to go to a website or pay money to remove malware should be immediately suspicious.
What to Do About Scareware
The most important thing to do when you spot some scareware is to take a deep breath and think it through. If the popup comes from your browser, it means there isn’t actually anything on your computer. Either you’re visiting a site that’s been compromised somehow, or you’re on a site that’s just disreputable from the get-go.
No matter where the scareware comes from, the actions you should take are exactly the same:
- Close all open applications
- Restart your computer
- Install trusted antivirus and antimalware if you don’t have it already
- Run scans using known and trusted software
- Remove any malware they detect
Following the scan, if your legitimate security software doesn’t detect any malware on your system, consider which websites you were visiting at the time of the attack. Consider blocking all popups and only allowing them on a case-by-case basis.
The way to prevent scareware is no different from keeping all malware off your system:
- Don’t open unknown email attachments
- Don’t click on links in emails
- Install antivirus software with real-time scanning
- Don’t enable popups
- Don’t click links inside popups
- Avoid sites that aren’t 100% trustworthy
It really is as simple as that. Just remember the rule of thumb – take a breath. Think about it and only do maintenance on your computer using trusted software you chose and installed yourself.
Fear is a powerful tool in the hands of scammers. But if you simply fail to panic, they’re actually no scarier than a Halloween sheet ghost.