This article discusses about scareware scam which has been quite a hot topic in recent years, and touch on a slightly about malicious malware, virus websites. Virus scam mails will be discussed separately.
What is a Scareware?
A Scareware is a generally a limited or useless software sold by causing fear or anxiety.
This tactic frequently used by criminals involves convincing users that a virus has infected their computer, then suggesting that they download (and pay for) antivirus software to remove it. Usually the virus is entirely fictional and the software is non-functional or malware itself. According to the Anti-Phishing Working Group, the number of scareware packages in circulation rose from 2,850 to 9,287 in the second half of 2008. In the first half of 2009, the APWG identified a 583% increase in scareware programs.
The “scareware” label can also apply to any application or virus (not necessarily sold as above) which pranks users with intent to cause anxiety or panic. (Wikipedia)
A common encounter is a pop-up on a website indicating that the PC is infected. In some cases it is possible to become infected with scareware even if the user attempts to cancel the notification. These popups are especially designed to look like they come from the user’s operating system when they are actually a webpage.
Some known scarewares include:
- Rogue Anti-Virus
- Fake Scanners
- Internet Antivirus Pro
How to protect yourself?
There are several websites that provide the latest list of sites that contain scareware, or even the malicious malware, spyware or virus. We will not list them here due to security reasons. We tested one of the site ourselves and our Norton Security fired a warning note, and we found a series of warnings in the log page:
Phew, that was close. Then we found another website taht warns us of the malicious virus on the links contained in that page. We are not going to try that for sure, not with this PC.
As you can see, if you don’t find them, the scareware, malware, and virus normally won’t find you when you surf the web. We are excluding emailed virus scams, which is out of the scope of this article. The place to find these sites are normally associated with hacking, warez, keygen and other pirated software sites. The links are normally not that obvious, but that may change. It took us a little bit of time to find the gate (to hell) though. And that is where we decided to stop. Normal human beings seldom travel so far in, depending on what what vices you are looking for.
The following are some examples of Scareware messages:
What if I receive a Scareware Window?
1) Do NOT click on the window. Shut down the Browser immediately using Task Manager (see step 2 onwards)
2) Immediately, press CTRL-ALT-DELETE
3) Find the Browser in the Task Manager window.
4) Right click, on the menu select End Task.
For other system like Mac, please see this good article about dealing with Scareware.