How fully educated are you when it comes to malware attacks? You may know not to click suspicious links and stay away from dodgy advertisements, which is surely a good start. However, as the general public’s knowledge of malware and viruses increases, so, too, do the people who make them. Malware developers devise new methods on how to slip under a user’s sense of security to deliver malicious software. One of the more powerful methods of getting to a user is by utilising fear. This is the scareware’s goal, and it’s every bit as scary as it sounds; after all, being scary is what scareware is all about.

Just like with most “scary” things, the more you know about it — how it works and how it’s used against you, it’s much less scary than before. So, let’s break open scareware and find out how it works.

What is Scareware?

Imagine yourself browsing the Web on any random day. You access a particularly innocent-looking website, when suddenly a pop-up appears. This pop-up informs you that it has scanned your system and found a nasty virus. And in order to get it off your system, you need to download a particular software.

This is the beginning of a scareware “attack.” The idea is that the user is so terrified at the possibility of a real virus infection that they will click the pop-up in order to solve the problem. While it may seem innocent on the surface, the intention is anything but that. The “virus scan” that the user saw wasn’t a scan whatsoever; it was just an advertisement pretending to be one. The mission is to scare people into clicking the advertisement, thinking that it was a legitimate virus scan. Gripped by fear, the user will then accept and download any software the advert gives them in order to get rid of the fictitious threat. Some particularly nasty examples copy some very popular antivirus software to trick you into thinking that it’s legitimate. An example of scareware is shown below trying to mimic a BSOD.

 BSOD

What’s the Goal of Scareware?

Most of the time, the goal of these kinds of malware attacks is to extract money from people. It will perform a scan on your computer, going so far as to list the files in a computer to increase its credibility. However, the scan won’t do any legitimate scanning and will simply claim you have a virus. It will then offer to remove the virus, but only if you upgrade the software from its “trial” plan to a “pro” version (which isn’t any more proficient than its trial version at all). Below is a screenshot sample from Symantec where they talk about a nasty piece of scareware called SpySheriff.

 Scareware

Of course, to upgrade to the full version, you’re going to have to pay what they’re charging. If a user falls for this trap, the best-case scenario is that they pay the money, and the scammers make off with a little more in their pockets. The worst-case scenario is that scammers get a hold of the user’s entire credit card information, and then the problems really start.

Sometimes the software the user downloads is actually a virus in disguise. This is a nasty example of someone being fooled by a fake virus scan and downloading a legitimate virus to help fight it. At this point, having anything less than a proper antivirus or anti-malware solution on the PC will end with some nasty damage being done — even more so if the user believes the phony software is legitimately protecting them.

What Should I Do If I See It?

What should you do if you encounter scareware on the Internet? Is it too late or can you still avoid it?

One thing to take note is that scareware adverts by themselves don’t do much. Pop-ups and adverts don’t have permission to install software on your computer right away. Just because you saw the advert doesn’t mean scareware is now on your system. As long as you don’t click the advert and download anything, you should be fine. This is the main weakness to scareware; if it fails to successfully scare a user to download its software, it doesn’t work whatsoever.

Should scareware end up installed on your PC, either because it was installed directly or because it was hidden within a shady installer, then you’re going to want to remove it before it does any damage. Programs such as Malwarebytes are efficient at helping remove these kinds of threats, so download a trusted anti-malware tool to help get rid of the scareware.

Tags:

This entry was posted by Staff Writer on Wednesday, March 8, 2017 at 6:09:21 AM and is filed under Computer Security & Data Protection.

Leave a Response