What Is Scareware?

What Is Scareware

Date First Published: 14th May 2023

Topic: Cybersecurity

Subtopic: Threats To Systems, Data & Information

Article Type: Computer Terms & Definitions

Difficulty: Medium

Difficulty Level: 5/10

Learn more about what riskware is in this article.

Scareware is a type of malware designed to scare users into downloading and installing unwanted and often malicious software that is of little to no use to them. Scareware often tricks users into visiting malicious websites that claim that the user's computer is infected with a virus or malware without actually scanning the computer. It may also claim that users need to pay money for a program to remove the viruses or malware from their computer, which is often malware itself.

Scareware is designed to scare users into downloading fake programs or paying a fee to fix the claimed problem. Once agreeing to install the program claimed to fix the issues by the scareware, it may install a Trojan horse, spyware, ransomware, adware, or other unwanted software onto the victim's computer which puts their security at great risk.

How Does Scareware Work?

Scareware often works by using deception techniques to get the user to install the program at first. Then, once the scareware program is installed on the user's computer, fake warnings and popups will usually appear, claiming that the user's computer has got problems, like infected files, or outdated drivers. These warnings will often ask the user to pay for the full version of the software to fix the issues. Attackers use deception techniques and intentional false positives to convince users that their systems have problems and scare them into paying money for worthless or malicious software.

How To Avoid Scareware?

Five steps you can take to avoid scareware are:

  • Use a popup blocker. This will help prevent your browser from being filled with fake virus messages or ads for worthless programs.
  • Always verify that the software is legitimate before you install it. Never install random software from websites you have never heard of or give away money to a website you don't recognise.
  • Keep your web browser and operating system up to date. Web browser and operating system updates can fix bugs and vulnerabilities that have been discovered by other users, which can help to protect yourself against drive-by-downloads from other websites that may unknowingly download and install scareware without your permission.
  • Never click on notifications or ads that warn you that your computer is infected. It is very likely that the message is fake as the website has no way of scanning the files on your computer. Clicking on it will usually direct you to websites that download malware.
  • Use strong antivirus software and keep it up to date. This will help protect your computer against scareware because it will scan and quarantine any malware that you have downloaded. Antiviruses are usually quite good at detecting and removing known scareware programs.

How Does Scareware Spread?

Scareware spreads in three main ways, including:

  • Emails - These may come from an attacker giving a sense of urgency or fear and demanding immediate action from the recipient (e.g. Your computer is infected with two viruses and all your files will be deleted within 10 minutes. Click the link below to download the security software to remove it.). Scareware emails often ask users to click on a link to fix the issues, which usually only download malware or other unwanted software onto their devices.
  • Websites or popups - These can be promoted on websites themselves or social media sites. These types of websites contain fake alerts to convince users that their computers have problems and trick them into downloading unnecessary and potentially dangerous programs.
  • Tech support calls - Usually, the attacker calls people and claims to be a technical support agent, saying that they have found problems on their computer and they trick them into downloading unnecessary and potentially dangerous software to fix the issues. These calls scare users so that the attacker can get hold of their details, take control of their computer, install difficult-to-remove malware onto someone's computer, and perform other malicious tasks.

Difference Between Scareware and Rogue Security Software

Some people confuse scareware with rogue security software. Scareware is not the same thing as rogue security software. Scareware is a wider term that refers to any type of malware that scares users into downloading and installing unnecessary and potentially dangerous software, whilst rogue security software refers to software that tricks users into thinking that they have viruses or malware on their computer when they actually don't and misleads them with fake detections and alerts.

Rogue security software is a type of scareware. However, not all scareware tricks users into downloading, installing, or buying fake antivirus software. Scareware can also trick users into downloading other types of software that are of no use to them, like fake file cleaners or fake driver updaters.


Feedback

  • Is there anything that you disagree with on this page?
  • Are there any spelling, grammatical, or punctuation errors on this page?
  • Are there any broken links or design errors on this page?

If so, it is important that you tell me as soon as possible on this page.


Comments