At some point in your life, you’ve probably been scammed or threatened by someone telling you that something bad is going to happen unless you do what they ask right away.
Almost every scam in the analog world has its counterpart in the digital world, and cybercriminals are very cunning at constantly coming up with new tricks to ensnare or threaten us.
Read on to learn you all you need to know about scareware, how this nasty method works, how you can protect yourself, and, in the worst case, how you can get rid of it.
What is scareware?
The term scareware is a mash up of the words “scare” and “software”. It’s a type of malware, or malicious software, that’s intended to scare or even threaten you.
Cybercriminals use this malware to trick you into thinking that something terrible’s about to happen, where they rely on you doing something right away to avert impending damage. For example, they may try to trick you into making payments or installing actual malware — which can then cause even worse damage.
It’s a pretty sneaky tactic, mostly because scareware isn’t always easy to spot. It’s considered a form of social engineering — which is exactly what hackers try to do.
How does scareware work?
With their scareware attacks, hackers focus on your fear, where they deliberately aim to deceive you into making the alleged danger appear as threatening as possible and seem so believable that you can’t tell right away that they’re trying to scam you.
- The name, logo, and other design elements in warning notifications (which can take the form of pop-ups or on-screen messages) are designed to confuse you into thinking they’re from established companies, authorities, or institutions. These design elements are intended to look serious and genuine — with potentially significant consequences for the victims.
- The scammers imitate error messages from popular programs or the operating system to make you believe that the warning is actually coming from software that you’ve been using for a long time.
- Things get really sneaky when cybercriminals pick up on threats that have done the rounds in the media and “identify” you as the person acutely affected by them. As you’re likely to recognize some features of what you’ve heard or read in the media, most of us would find it difficult to tell that the danger facing us only loosely resembles what the media reported.
- It’s getting increasingly common for hackers to have previously obtained your information by other means and embed this stolen information in the notification you see — meaning It’s easy to think that the messages come from your own system and not from malware.
How do I spot scareware?
If pop-ups or warnings suddenly appear on your device, the first thing to do is stay calm. Take a closer look at the warnings, and you’ll often see that you’re being scammed.
Always remember: No authority sends alerts straight to your desktop. And even a good antivirus solution never displays acute threats aggressively on your screen, such as with loads of exclamation points, capital letters, and other “shouty” elements.
More warnings
A reputable antivirus program notifies you that an acute threat to your device has been detected, makes itself known, and guides you through the necessary steps to resolve the issue. Scareware, however, is “shouty” and aggressive, and likes to show you multiple pop-ups in a row to warn you even more strongly — and trick you into taking the supposedly right steps.
Dialog windows
If your computer, smartphone, or tablet suddenly installs programs on its own without you doing anything, or your browser constantly adds new windows or tabs, this is a pretty sure-fire sign that it’s infected with scareware. Read on to learn what you can do in this case.
Drop in performance
Every computer, smartphone, and tablet slows down with use, which is why we recommend running regular speed-ups to optimize device performance.
However, if you find that your device is far slower all of a sudden and even the simplest tasks take forever, the screen freezes, or programs crash for no apparent reason, malware such as scareware could be the culprit.
Blocked from using programs and features
If you suddenly can no longer use certain programs or their functionality is severely restricted, this can also be an indication that you’ve fallen victim to a scareware attack.
Cybersecurity solutions can help reduce the risk of scareware attacks
We can’t stress it enough: Any device you use to go online with should have a proven antivirus solution installed on it. Use a feature-packed cybersecurity solution (https://www.avira.com/en/free-security) like Avira Free Security, to keep an eye on your device’s security, online privacy, and performance. In just a few clicks, it scans your device and can quickly provide information about possible cyberthreats.
Examples of scareware
You’ve already guessed that scareware attacks can look quite different. However, there are two classic forms out there which you should be aware of.
Scareware disguised as antivirus software
Scareware, which disguises itself as antivirus or system software and imitates the legitimate programs on your device, is very common. To get on to your device, hackers use the logos, names, or other design features that you just can’t tell from the original.
With this type of scam, you receive notifications or pop-ups that suggest your device is infected with a virus. If you click the link provided with this scareware, you’ll then be asked either to pay for the bogus viruses to be removed or — worse still — tricked into downloading an actual Trojan, which then becomes even more of a serious system threat.
Scareware disguised as official information
With this type of scareware attack, your computer’s screen is suddenly blocked by a huge window that’s often near-impossible to close. This window is often adorned with the logo of the police or another authority — which, of course, have nothing to do with it.
This scam informs you that your device contains supposedly illegal files (e.g. child pornography, copyrighted video/audio downloads, or unauthorized software), which is why this device has been automatically blocked. Because this scam often involves encrypting documents on your hard drive, it bears all the hallmarks of ransomware.
You’ll then be asked to pay a fee to prevent further prosecution by the authorities. If you pay this “penalty”, which can often be a three-digit sum, the window will be removed. Payment is, of course, made using anonymous methods and can often no longer be traced back to the cyberfraudsters.
So if a hacker with a large-scale, automated scareware attack makes even a thousand unsuspecting victims pay, you can imagine how hackers can make vast sums off people’s fears.
How do I remove scareware?
Do you suspect strongly enough that your device is infected with scareware? Then in the first instance, we advise you (once again) to keep calm to limit any further damage.
In most cases, you can keep this nasty malware at bay in three simple steps or even banish it completely.
Step one: Uninstall the fake (scareware) security program
- When uninstalling the “fake” security program, it’s really important to delete the program itself AND all associated files.
- On your Windows device, open Control Panel and click Uninstall a program. Find the malware in the list and delete it completely, including from the Recycle Bin.
- On a Mac, open Finder, select Applications, and search for the scareware. Then drag the scareware to the Trash and empty it.
- However, this is only the first step in getting rid of the scareware, because residual malware can still be dangerous.
Step two: Restart in safe mode
- Because the danger is not averted once you’ve uninstalled the scareware and emptied your device’s recycle bin, you should restart your computer in safe mode as a second step. In this mode, the computer only accesses essential programs, preventing scareware remnants from remaining active.
- In Windows, click Restart and keep the shift key held depressed. Once your device restarts, select Troubleshoot, then Advanced options. Now click Startup Settings and press the F5 key to start your device in safe mode with network access.
- On a Mac, hold down the shift key while restarting. After a short while, the log in screen will appear. Now click Continue in Safe Mode.
Step three: Install a reputable antivirus solution
If you start your device in Safe Mode with Networking, you won’t be able to use many of your usual programs, but you will be able to go online and download and run a reputable antivirus solution.
We’ve already recommended Avira Free Security in this blogpost — a multi award-winning, proven cybersecurity solution.
How do I protect myself from scareware?
In addition to a proven cybersecurity solution, there are a number of steps you can take to shield yourself.
- Always have a healthy dose of skepticism about what you click or download. If you receive emails with attachments from unknown senders, it’s best not to open them.
- Never download programs, images, or videos from sites that do not meet current security standards.
- Make sure your programs are always up to date. That’s because practically every update includes fixes to plug security holes automatically — something that’s especially true for your browser.
- Hopefully, by the time you’ve read this article, you’ll no longer click pop-ups that scream and shout about supposed errors or risks.
Install a browser safety extension for more comprehensive protection of what you get up to online
If you want more comprehensive protection against aggressive pop-ups (and also advertising) when surfing the internet, we recommend using a browser protection extension (https://www.avira.com/en/avira-browse-safety) like Avira Browser Safety.
It’s a reliable way to better protect yourself against unwanted applications such as scareware as well as ads, plus it complements your ad blocker. The useful Browser Safety extension works in the background on Windows and Mac devices and is fully customizable. Avira Browser Safety is available for Firefox, Chrome, Opera (integrated in Avira Safe Shopping), and Edge (also integrated in Avira Safe Shopping).
Turn on your firewall to protect against scareware attacks
Firewalls use various mechanisms to boost your protection and perform a variety of background tasks, including:
- Helping to ensure you get to enjoy mostly uninterrupted, yet more secure access to public networks such as the internet.
- Preventing unauthorized access to your own network.
- Ensuring key processes such as authentication and identification as well as data encryption can function.
As such, our final and further recommendation to protect yourself from scareware attacks can only be: Always use a firewall whenever you go online.