Scareware is a malware attack that “scares” users into downloading or buying malicious (or sometimes completely useless) software. It is a social engineering tactic that creates a false sense of urgency to fix a perceived problem. Common examples are pop-up ads claiming your credentials have been stolen or your computer has been hacked and then pressuring you to perform a specific action, such as pressing a button or giving away personal information.
Scareware is sometimes referred to as rogue security software, but this term is less used.
Scareware vs. ransomware
Scareware is a ransomware category that exploits vulnerable individuals to download ransomware software or succumb to a ransomware-as-a-service attack. It may also be used for identity theft or credential dumping.
Contrary to popular perception, scareware attacks are still prevalent today, costing their victims millions of dollars in fake security programs.
For example, the Spanish police recently detained a Ukrainian national who was allegedly part of a major scareware operation that lasted from 2006 to 2011 and had been on the run for more than 10 years. While unclear from the official Spanish press release, the operation appears to be part of Operation Trident Tribunal, a joint operation between the Department of Justice, the FBI, and international law enforcement to target international cybercrime rings.
According to the FBI, this scareware operation caused more than $74 million in total losses and affected over a million computer users. Although the event ended in 2011, its effects are still felt today, with law enforcement still searching for all the threat actors involved.
How does scareware work?
Scareware criminals understand the basic psychology of the average computer user. They are adept at creating alarming messages about computer viruses or hacked systems to get you to pay money to install malware into your computer. It’s a win-win situation for cybercriminals: They receive money to exploit you further through malicious software.
Alarmingly, scareware has become more sophisticated. Cybercriminals may imitate logos of legitimate programs or display a progress bar that claims your computer is being “scanned”. It will then show a pop-up message or a screenshot of “infected” files on your computer.
These messages are almost always distressing. You will be told that your device or network will undoubtedly be infected, destroyed, or eliminated if you don’t perform a particular action.
Prevent scareware from impacting your organization through proactive IT management.
Signs of scareware in your device
- You have a lot of pop-up ads or messages. The most common symptom of a scareware attack is an unusually large number of pop-up messages, even when you’re not doing anything. In all likelihood, this is adware, but it may also signal a scareware attempt.
- Your device becomes very slow or starts to lag. Some of the more sophisticated scareware can make your computer freeze or display a pop-up ad, forcing you to click on it.
- You notice random programs and features. You might see a program you don’t recognize and innocently click on, trying to figure out what it is. This can cause you to download a malicious program inadvertently.
- You can’t access programs. Some scareware triggers strange error messages or blocked pathways, which are then followed by a pop-up message telling you to download a program to “fix” it.
How to prevent scareware
The most effective way to protect yourself against scareware is to use software from legitimate providers. Trusted vendors will never trigger pop-up ads that blackmail you into action. If there is a legitimate problem, it’s best to contact your vendor for their recommended solution.
It is also a good idea to avoid “the click reflex.” While clicking on pop-up ads or warnings about new viruses may be incredibly tempting, temper this urge if these messages are not from a trusted sender.
Lastly, always err on the side of caution. It’s better to be delayed in fixing a problem than to act impulsively and create a bigger one. If you are experiencing any computer abnormality or technical issue, working with your software provider for a custom resolution is highly recommended.
Trusted IT management reduces the risk of scareware
NinjaOne offers a comprehensive IT management software solution that drives exceptional service delivery, global efficiency, and end-user satisfaction. While no tool can eliminate the risk of scareware, NinjaOne’s software may help mitigate this threat by giving your enterprise full visibility and control over your IT operations.