Scareware is rogue malware (malicious software) that preys on people’s emotions, fears, and limited technical knowledge — using social engineering techniques to persuade victims to compromise their
Scareware most often presents itself through fake virus alerts, deceptive software updates, or sham malware removal tools that scare you into believing your device is infected or needs updating. The criminals fool you into clicking the link or ‘download’ button, thinking you’re getting genuine
The bad actors know that a human tendency is to trust others, particularly those who appear to be in authority positions. Cybercriminals recognized that this is true of human behavior on the Internet, just like in real life. So, they exploit this quality.
How does Scareware work?
The most common method is when you’re browsing online, and a pop-up ad appears on your screen, warning you of some bad event – such as your device is infected with dozens of viruses. The ad claims that it will immediately eliminate the viruses if you buy and download their
If you’ve experienced this, you’ve been hit with a scareware attack. Scareware is a scam in which bad actors attempt to access your financial or payment (credit card) information and often access your device by tricking you into buying fake
How do I know if I am hit with Scareware?
The most practical option to protect yourself is by recognizing the warning signs of Scareware.
The pop-up ad is especially ominous
The scammers want to scare you so that you’re more likely to act and purchase their fake product. They intentionally use ominous warnings that your computer is infected with hundreds of viruses, or that these viruses will immediately cause your computer to crash to persuade you to act – it is a form of social engineering. The more threatening and scarier the claims are, the more likely you will react to the scareware the way they want.
The ads push you to act fast
Urgency is a technique used by marketers to cause action. Cybercriminals are creative, and they leverage the same methods that legitimate individuals use to influence behavior. The bad actors behind these attacks want you to quickly purchase and install their malware before you have a chance to think about it. If a pop-up demands that you act now, it’s probably Scareware.
You can’t seem to close the pop-ups
They want their scareware pop-ups to remain on your device’s screen as long as possible. So, they make it difficult to get rid of the popups from your screen. If it’s difficult to close the pop-up ads, or if clicking on the “X” button to close them instead brings up more warnings, you’re likely dealing with scareware.
It’s a company you have never heard of
Most of the
Some known fake
They appear to “scan” your device for viruses
To make their warnings seem even scarier, many of these pop-ups will seemingly start scanning your computer for viruses and report a list of the dozens or hundreds of viruses they claim to have uncovered. They are not scanning your device, and the results they’re showing are bogus.
By entering your email address you agree to receive emails from EveryDayCyber. We'll respect your privacy and you can unsubscribe at any time.
Best practices to avoid Scareware?
Here’s how you can help keep scareware at bay.
- Keep your browser updated – Most browsers have built-in popup and ad blockers. Keeping your browser(s) updated is one of the best ways to minimize being hit by scareware.
- Turn pop-up blockers turned on – Stopping or shutting off popups will prevent your screen from being filled with advertisements for fake
security programs.
- Install a quality antivirus/antimalware tool on your devices – A top priority should be to install a quality
antivirus /antimalware program from a trusted company. They offer the best protection against all forms of viruses, malware and will protect your devices from scareware. - If you get pop-ups, RESIST the urge to CLICK – Good cybersecurity practices include “Never Click” on any links or “download” buttons on pop-ups. If you are really worried that your computer is infected, do a Google search on the company behind the pop-up you’ve received. You’ll quickly discover whether that company is offering legitimate or scam
security software.
By entering your email address you agree to receive emails from EveryDayCyber. We'll respect your privacy and you can unsubscribe at any time.
Recommended Reading
What is a Computer Virus?
What's a computer virus? We hear about it all the time but do you really know what it is and how to prevent one?
What is a Rogue Certificate?
A rogue certificate is a valid certificate issued by a legitimate certificate authority. However, it’s untrustworthy because either it was compromised or was issued to the wrong party.
What is Social Engineering?
Social Engineering in the digital world is the intentional deception and manipulation of victims to cause the release and sharing of confidential information used to commit fraud and other cybercrimes.
What is Adware?
Adware, known as advertising supported software, makes money by displaying ads - popups, inline, banner. ANNOYING!!, but typically used to support free software.
What is a Remote Access Trojan (RAT)?
A remote access Trojan is a software used by hackers to gain unauthorized access and remote control on a user’s computer or mobile device, including mouse and keyboard manipulation.
What is an Ad Blocker?
An Ad Blocker is an app or browser extension that stops ads (popup, banner, inline) from displaying on your desktop or mobile device.