You may have seen a message like this one popping up while surfing the web:
“Warning! Your computer may be infected!”
And you may wonder what’s going on? Don’t worry – chances are you’re safe, so just ignore the message and continue acting like everything’s just fine.
What you’ve seen is scareware, which is a type of ad or message that wants to scare you into buying or downloading a piece of software. A form of social engineering, scareware aims to make you feel shock and panic, and act accordingly.
Although scareware isn’t always dangerous, there were instances that ended with credit card fraud and identity theft.
Scareware examples
Scareware attacks come in multiple forms, with all of them alarming users about a potential vulnerability. From there on, these ads aim to entice users to address the issue by clicking on a link and later on downloading something or entering their personal information.
Scareware examples include:
1. Scareware pop-ups
These messages are designed to take over your entire screen, forcing you to act before you can do anything else. The alarming language tends to come included with these popups, for instance, warning you that you can lose all your data if you don’t act quickly. And that “acting” is related to clicking a link, downloading new software or upgrading existing one.
These popups are so cleverly designed that even clicking on the “X” or “Close” buttons could start a download. So to stay on the safer side, you are best off closing the entire window and avoiding visiting that website (where you saw the popup).
2. Scareware emails
Similar to popups, scareware emails will deliver the same/similar message in the form of an email. Again, your immediate action is required to remedy a problem which, if left unchallenged, could cause serious consequences to your digital life.
The end goal is still to force you to download a new app, buy a new piece of software or to upgrade one of your existing apps.
How can scareware affect you?
Depending on the type of attack, scareware can affect you differently:
- Spyware – cybercriminals can utilize scareware to install malicious software (spyware) that tracks your activity. Your data could be at stake, including your personally identifiable information, which could be stolen and later offered to third parties.
- Ransomware – scareware could be used as an entry point for seizing your computer and installing ransomware on it.
Can you detect scareware?
Some of the common signs to look out for include:
- A ton of pop-ups – all of which warn you of urgent security breaches.
- A decrease in performance, with malware causing your device to slow down, crash, or freeze.
- New programs and features installed on your device without you remembering when you’ve installed them.
- An inability to access programs or files, with unexpected error messages appearing instead.
- Your settings have been altered, including such as your default browser or even wallpaper, without you making the change.
How to remove scareware?
The first step is to uninstall the latest few apps from your device, usually your computer, which most scareware-related apps are targeting. Go through the list of all the software on your machine and start removing those that have been recently installed.
Another thing you could do is to fire-up your antivirus and start the scan. Make sure, it is up to date so it has all the latest virus definitions, which — these days — include a different kind of malware, not just viruses.
Once both of these steps have been completed, restart your computer and see if that solved the problem. If it’s still there, I’m afraid you may have to start from a blank sheet and re-install your system from the ground up.
How to prevent scareware attacks?
There are several things you could do in order not to be infected with scareware in the first place, including:
- Keep your apps and operating system up to date to make sure some of the bugs they include aren’t used against you (to perform nasty attacks).
- Use a good antivirus and keep it up to date at all times.
- Get a good VPN if you still don’t have one, to make sure your connection with the Internet is always encrypted (so that no one can snoop into it).
- Read before you click and ignore all kinds of warnings while in the browser.
- Avoid accidental downloads – which is related to the previous point to be careful where you click.
- Enable pop-up blockers so you don’t get tempted to click on some link.
- Keep an open eye for any strange activity with your device – so you can know when it is time to react.
By abiding by these rules you should stay on the safe side. Good luck!