Most users these days are more aware of the threats we face in the digital world. Especially online! Yet, most people don't really know much about how the technology they use every day works. This makes it easier for the creators of malware to convince people through the use of techno-babble and scary-sounding technological consequences.
Scareware is the explicit weaponization of this technological ignorance, and it can have devastating consequences. So let's look at the forms that scareware can take.
Related: How to Detect, Prevent and Remove Botnet Malware
Scareware is a type of attack meant to make users panic, thinking that something is seriously wrong with their computer, phone, or other online devices. Scareware can be an actual malware infection on your computer or phone, but it can also be as simple as a website popup meant to mimic an antivirus program popup. Some are simply banner adverts you'd find on disreputable sites.
The warnings from scareware are incessant until you click sort of "clean my system" or "remove threat." If you do, you're routed to a malicious website, which is where the problems really begin!
Apart from the problems that come from already having a piece of malware on your device, scareware can cost you money and time directly. Besides the fact that it's a warning for a danger that doesn't exist, complying with a scareware program's requests can lead to the installation of more dangerous malware, the theft if your credit card details, and the theft of sensitive private information.
So it's no joke. If you go ahead and spend your money on the scareware author's fake "antivirus" software, you could be giving them the keys to the castle. At some future point in time, your keystroke records, screen captures, passwords, and more will simply be sent to the program author on a silver platter.
Scareware works because it makes users think that something has gone seriously wrong with their system and that they have very little time to do anything about it. So they falsely believe that the only solution is to hand over money and personal information to cure a problem that the attacker created in the first place.
Scareware is pretty easy to spot. The web-based stuff originates from your browser through a web page. So if you close your browser, the warning goes away. If it originates from malware already on your system, it can look like a system popup. However, any system warning that tells you to go to a website or pay money to remove malware should be immediately suspicious.
The most important thing to do when you spot some scareware is to take a deep breath and think it through. If the popup comes from your browser, it means there isn't actually anything on your computer. Either you're visiting a site that's been compromised somehow, or you're on a site that's just disreputable from the get-go.
No matter where the scareware comes from, the actions you should take are exactly the same:
Following the scan, if your legitimate security software doesn't detect any malware on your system, consider which websites you were visiting at the time of the attack. Consider blocking all popups and only allowing them on a case-by-case basis.
The way to prevent scareware is no different from keeping all malware off your system:
It really is as simple as that. Just remember the rule of thumb - take a breath. Think about it and only do maintenance on your computer using trusted software you chose and installed yourself.
Fear is a powerful tool in the hands of scammers. But if you simply fail to panic, they're actually no scarier than a Halloween sheet ghost.