Scareware is a widespread Internet fraud scheme that intimidates victims into buying unnecessary or harmful software taking advantage of their ignorance. Scareware usually exploits fears of having a computer virus on a machine and persuades users to purchase fake security software. Here we’ll regard how this spoof works and how not to get fooled by it. Among other things, we’ll touch on threats associated with scareware.
What is Scareware?
Scareware is a scam that plays on fears of inexperienced users. Although computer viruses are an obsolete type of malware, and you will hardly catch one nowadays even if you try, they remain a horror story for people. And the least you know about a threat, the easier it can scare you.
Both trustworthy and scam security products are promoted via advertising. An advertisement of a good solution will respect the customer and make stress on qualities and features of the promoted program. In the worst case – it will explain that there are many threats out there on the Web, and each endpoint needs protection. The scareware, on the contrary, will try convincing you that your computer is already infected with malware. Moreover, pushy ads will insist on immediate installation of the program they represent, as if it were a last chance to cure your pc.
The profitability of the scheme is understandable. People get scared, buy the program and feel like the defenders of their computer system. Perhaps later, the apprehension will come that they just threw away their money, but they will no longer be able to get it back. There are usually many victims of such deception, and that is the very thing on which the scam relies.
Sadly, losing money is not the worst thing that can happen. Sometimes such malvertising used as a filter: whoever bought into this definitely does not have an actual antivirus. Accordingly, those agents who do business on the distribution of adware and malware can safely install a bunch of harmful programs on the victim’s device.
How Scareware Works
It all starts with a person suddenly seeing an advertising banner on some website. The banner itself looks like an automatic notification. Novice users may not even understand that they are dealing with an advertisement.
The message usually says that a scan of the user’s computer was carried out, which found infection with dangerous malware. Already here, a knowledgeable person could have laughed because not only is it impossible to scan the device so quickly, but it would also be problematic to do it remotely without preliminary procedures.
But charlatans deal with inexperienced people and therefore continue their psychological attack. The banners usually include very serious-looking malware names, tables, codes, etc. The more serious the picture looks, the stronger the effect. In all its appearance, the message tries to appear automatic. You can see, for example, this caption: “threat level: high,” as if the same plate could give out a reassuring “low.”
Such schemes are generally built on a series of psychological techniques. Intimidation is only the first of them. The use of colors plays with the victim’s emotions. Red stands for anything related to threats. As soon as the “rescue” program enters the scene, a soothing blue or green color appears. This feeling of possible safety encourages the user to make a purchase. In addition, the price is low. Most scareware schemes rely on the possibility of quick payments combined with a vast number of buyers.
There may be more time-consuming schemes for the crooks. For example, they might launch a massive campaign offering free device scans. To take one, the user must first download the software, the functionality of which will be limited until the program is purchased. So that this payment is still made, the scan will produce frightening results. This approach counts on more educated users.
By the way, the scope of scareware is not limited to the security sector. You can imagine other types of scareware, such as cleaners, that will scare users by saying: “look, a little more, and your system will get so clogged with the garbage that the device will start freezing.” The advertised program will be able to delete unused applications, temporary files, etc.
The programs in question can remain completely fake without an iota of the promised functionality. All “treatment” of the device, just like the initial intimidation, can be just a visual effect.
What are The Threats?
Theoretically, the victim of scareware could get lucky, and the only problem would be the wasted money. But more often than not, a deceptive program will leave an unpleasant payload behind. Its severity may vary. In fact, it corresponds to the degree of danger from the unwanted or overtly malicious software that scareware can fetch onto the victim’s computer. In most cases, installing a scareware application will decrease the PC’s running speed. We’ll be coming from the guess that scareware developers want understandable profit from their victims, not reduced to the price of the application.
This goal implies infecting the device with either of the malware types:
- Adware is a class of relatively harmless unwanted applications. They flood users with ad banners, modify browsers’ settings, add ad links on webpages, etc.
- Spyware is a more significant threat. Hidden software collects information about the system and the user’s activity to send it to people who can commercially benefit from having it. o
- Miners are the programs that steal computing resources of the victim’s machine and throw them at mining cryptocurrency (for somebody else, of course.) The injured side will also be surprised by the electricity consumption rate.
- Cybercriminals can add the infected device to the botnet, a controlled network, to perform certain activities on the web unbeknownst to the user.
- Ransomware is probably the worst case. This malware encodes all data files on the victim’s computer, and the only chance to get them back is to buy a key from the racketeers.
Criminals can drop many other types of malware into the unaware victim’s system. However, those are more suitable for targeted attacks and require hackers’ special attention. The malware mentioned above can work and bring profit automatically.
How not to be fooled by scareware?
- Install an actual security system. GridinSoft Anti-Malware is one of the best solutions on the market due to the combination of technical efficiency and cost-effectiveness. Its virus libraries are regularly updated so that whichever malware becomes recognized in the world, Anti-Malware will know how to deal with it. The program can perform a deep scanning, work in on-run protection mode, and be a security measure for safe Internet browsing.
- Know right before you get scammed. The scareware schemes work only because of people’s ignorance. You don’t need to be a hacker or even an advanced user. Just take a simple course on Internet surfing from someone more experienced in it.
- Don’t visit dubious websites and avoid clicking on ad banners whatsoever. You can hardly encounter malicious advertising, which scareware surely is, on trustworthy websites like Google, Youtube or Facebook. It’s not that you should limit your surfing to these three sites, but they can serve as an example of a trustworthy website appearance. As soon as you see ad banners popping up all around you, flashing and glaring, proceed with great caution if you need to.
- Install ad-blocking software. It goes as an extension to your browser that blocks advertising banners from rendering. It might save you a lot of nerve cells.
- If you happen to buy a scareware product, make sure you remove it as you usually remove an application. In Windows, pressStart > Settings > Apps > Apps & FeaturesChoose the app you want to remove, and then select Uninstall. After removing the scareware, carry out an antivirus scan to get rid of any accompanying malware.