Scareware—When the Boogeyman dresses up as Tech Support.

Scareware is software that manipulates us into either buying or downloading a cure for a problem we never had. It also goes by fraudware or rogue scanner software. Whatever the name, the family of scams is worth knowing so you are not victimized.

Type 1: Curing No Disease

Scareware can be used to trick us into buying cures we do not need. Like a doctor selling us medicine for an illness we never had, some kinds of scareware try selling us something. The purchased product or service may or may not be entirely useless, but it certainly is to us.

On occasion, even big-name companies find themselves on the wrong end of the law when it comes to scareware. From 2009 to 2016, a big-name office brand and their remote support partner are accused of having tricked their own existing customers into buying computer repair services. They promoted a program they promised would scan for and diagnose PC problems.  Instead of basing results on a device scan, the companies allegedly scared customers into paying for further services based on customers’ own responses from a survey. The companies have settled with the FTC without admitting guilt.

Type 2: Pop Up and Call, Toll Free!

Pop-up scareware can also be used to lure us into giving away money (or simply credit card information) for no cure. The pop-ups show up in a browser window and warn of a supposed virus or some other security issue on your computer, then offer to fix it if we just call to buy Service XYZ. These pop-ups are often engineered in the same way phishing emails generally are. With that, keep in mind the tricks phishing emails usually employ, which include:

- a sense of urgency

- hard to trace payment methods such as gift cards/wire transfers

- stolen company logos

- familiar error message formats that sound slightly off

Remember, an operating system will never warn of a virus by using a web-based pop-up, and a true virus scan will never have customers resolve the issue by giving anyone a call.

Type 3: Scan / Remove Threats Now!

Half phishing attempt and half malware, you might have encountered the most devious form of scareware already. These attacks may resemble the pop-ups above or come in via email or another source, but they try to persuade us to either give up personal information or download/run something as a fix.

If the pop-up has space to fill out a survey or sign up for something, it is probably after personal information. Remember, we can give up more information than we intend if we are not paying attention. The pop-up is not just signing people up for SPAM, it is likely seeking password or device clues the scammer can use in a later attack.

A download offered may claim to be an extra layer of security such as an anti-virus add-on or even an informational pdf, but is often malware. The malware load may be a keystroke logger that will enable the group to hijack account credentials, a remote access tool that enables hackers to use the target computer for their other activities, or a program that encrypts information and offers to sell the user a key—classic ransomware.

Be especially wary of anything offering to “Remove Threats” or “Scan Now”. These run a program directly on devices that can have the same outcome as the malware listed above. The added benefit to the scammer is that they do not need to hide their activity since one can reasonable anticipate device slowing during such a comprehensive procedure.

What If I Run Into Scareware?

In cases involving established companies, the FTC should have your back. You can report fraud to them at https://www.ftccomplaintassistant.gov/.

If you run into scareware from unidentified scammers via pop-up or email, do not engage. Do not fill out a survey, download a file, call a tech support you don’t know, or follow a link. Simply delete the email or close out the browser (not just the window) from which the pop-up came.

- PC users should try using Ctrl-Alt-Delete (PC) to access the Task Window and close the browser application.

- Mac users should press Command-Option-Esc to access the Force Quit applications window.

- If these actions are blocked, shut down the device.

An Ounce of Prevention

You can greatly reduce your exposure to scareware by employing a bit of preventive care. Keep your browsers updated, with the pop-up blockers turned on. Also, keep a reputable antivirus or next generation endpoint protection on your devices—and keep it up to date. With these measures in place, hopefully scareware will just be another scary story you heard over the campfire.