Are You Vulnerable to Scareware Attacks?

What is scareware?  You may not have recognized it at the time, but you’ve certainly seen a pop-up ad offering to scan your computer or mobile device for viruses.  True to the name, scareware is intended to frighten you into taking action that could potentially harm your computer, steal your personal information or cheat you out of your hard-earned savings.  Here’s what you need to know to protect yourself.

What is Scareware? 

Scareware is a type of malicious software that tricks computer users into purchasing and downloading software.  You’ll first see an official-looking pop-up window telling you that your computer has been infected.  Or, the window may inform you that pornography has been found on your hard drive.  An ad offers to remove the threat or the offending material — for a fee.  If you fall for the ruse, you will not only hand over your email address and credit card number, you might also lose dollars on the deal.  But that’s just the beginning.

How Scareware is Used

A scareware pop-up can be difficult to get rid of.  You may receive dozens of pop-up messages that resist your attempts to close them or back out of the website.  You might even see what appears to be a status window, showing a real-time live scan of your hard drive, identifying hundreds, if not thousands, of bogus threats. 

Don’t click anything in the window, follow any links or call phone numbers provided.  Actual security protection messages do not give a phone number.  You may see an X or a close button.  There may also be a link, an OK or a button for more information.  The pop-up window might display logos from legitimate companies, or names of companies you recognize.  These are all traps.

If you’ve fallen into the popup trap, at the very least you’ve granted scammers access to your computer via the software.  If you’re lucky, the software is useless.  But odds are you’ve just installed a virus or a malicious program on your hard drive that can now access your personal files, hijack your email account and track your online activities.  This could put your personal information such as credit card numbers, bank account numbers and medical insurance — and your very reputation — into the hands of scammers. 

Scareware Tactics that Reveal the Scam

Like most scams, scareware tactics follow predictable patterns.  Be aware of the following dead giveaways:

  • Misspellings, typos, grammatical or punctuation errors: Although scammers are getting more sophisticated, you may still notice one minor mistake in the pop-up, like an odd use of capital letters.
  • A phone number is listed: Real software security vendors will not ask you to call them.
  • The scan is too fast: Actual computer scans take more than an hour, not minutes.
  • You don’t recognize the software: If you did not install the software, then it does not have access to your hard drive and would be unable to perform a scan.
  • You’re asked to pay using an alternative method: If you get to this payment stage, you’re probably already in trouble.  A legitimate company will not ask you to pay by bitcoin, gift card, wire transfer or some other unusual form of payment.

How to Protect Yourself from Scareware

There are several steps you can take to protect yourself from scareware.  Familiarize yourself with any anti-virus software installed on your computer.  Note the name of the vendor, the logo and the shape and size of its pop-up messages.  Run it so you know what actually happens.  For optimal protection, make sure you have the latest version installed.

If you encounter a suspicious pop-up message, as mentioned, do not click anything in the window, including the X or cancel button.  Instead:

  • Locate the item in your taskbar and right-click. Select close.
  • Or, exit the browser using Ctrl+Alt+Delete.
  • Run your antivirus software.
  • Turn off the machine and restart.

Future Protection from Scareware

To protect your computer in the future, install a pop-up blocker and configure it to only allow pop-ups from sites you approve of.

If you don’t have antivirus software installed, get it right away.  Be sure to purchase from a reputable company, one that you know and trust.  Of course, there are many choices out there with great products and services.  Remember, however, that just because someone has a website and a fancy logo, it doesn’t make them a legitimate business. 

If you have doubts about who you are dealing with, you can and should investigate further.  To do that, you can easily check unknown phone numbers on Spokeo using reverse phone lookup.  Or identify the owner of an email address with Spokeo’s reverse email lookup.  You may be able to get names, social media profiles and more, giving you the assurance you need to avoid the imposters.

References: