Don’t Be Duped by ‘Scareware’
“Ransomware” has been making news lately due to the rise of Cryptolocker – a nasty combination of malware and extortion that encrypts all your files and demands money in exchange for the key. Other forms of ransomware use popup messages claiming that the government or police have been monitoring your computer use and that you have a violated some law. These schemes demand payment of a “fine” to unlock your computer.
But ransomware isn’t the only sneaky form of malware circulating the Internet. “Scareware” pops up messages claiming that your computer is infected with malware or has other critical errors. The goal of these scare tactics is to induce you to purchase software products to remedy the purported defects.
The FBI has categorized scareware as one of the fastest-growing and most prevalent types of Internet fraud. A recent scheme targeted mobile devices running the Android operating system, attempting to trick users into downloading a fake antivirus app to remove the “Tapsnake” threat. The scareware was distributed through a spam email campaign.
Scareware tactics can be difficult to spot because they typically carry legitimate-sounding names and feature professional-looking graphics. Pop-ups typically warn that threats such as viruses, spyware or registry errors have been detected, and users are baited with the offer of a free scan to identify all threats. Then comes the catch — one must purchase the application to get rid of these alleged threats.
Worse yet, scareware seems to leave users with no options. Upon execution, these rogue products not only prevent legitimate security software from loading, but also block access to system tools, third-party applications and security web sites with the claim that these all represent unsafe executions. Each mouse click only produces more prompts and more offers to download installation files. This is when exasperated users are most likely to give in and buy the bogus products.
In a best-case scenario, the product will simply deactivate its own scareware. In the worst cases, users will wind up downloading additional malicious code such as Trojans, keyloggers or bots that will continue to silently infect their systems.
There often is a way out of these ambushes. With a couple of simple steps, you generally can end the popup nightmare and regain control of your system:
- Right-click on the task bar or press “ctrl+alt+delete.” Click Start Task Manager and terminate any suspicious processes such as the exe file for the offending scareware (i.e. “defensecenter.exe).
- Run an antivirus scan to find and remove the offending program and its related files. Freeware tools from Malwarebytes and Superantispyware are known to be effective in rooting out and eliminating scareware.
For protection, you should ensure you are running legitimate, up-to-date antivirus software and keep your web browser and applications patched with the latest security releases. To protect your mobile devices, make sure that security settings only allow the installation of apps from trusted sources such as Google Play.
Scareware attacks are prevalent for one simple reason — they work. It’s all too easy to frighten unsuspecting computer and mobile device users into buying and installing fake antivirus software. If you see a scareware popup, don’t panic. Call ICG if you need assistance in removing the malware.