The term scareware describes software products that often generates a
bombardment of pop up warning messages that makes using your computer difficult.
The message may display what appears to be a real-time, anti-virus scan of
your hard drive. The scareware will show a list of reputable software icons;
however, you can’t click a link to go to the real site to review or see
recommendations. The FBI says that cyber criminals use botnets —collections of
compromised computers — to push the software, and advertisements on websites
deliver it. This is known as malicious advertising or "malvertising."
Once the pop-up warning appears, it can’t easily be deleted by clicking on
the "close" or "X" buttons. If you click the pop-up to purchase the software, a
form to collect payment information for the bogus product launches. In some
instances, the scareware installs malicious code onto your computer, whether you
click the warning or not. This is more likely to happen if your computer has an
account that has rights to install software.
The FBI says that downloading the software can result in viruses, malicious
software called Trojans, and/or keyloggers— hardware that records passwords and
sensitive data —being installed on your computer. This malicious software can
cause severe damage and the inability to use your computer.
The Federal Trade Commission (FTC) notes that the scareware scam has many
variations, but there are some telltale signs. For example:
- You may get ads that promise to "delete viruses or spyware," "protect
privacy," "improve computer function," "remove harmful files," or "clean
your registry;"
- you may get "alerts" about "malicious software" or "illegal pornography
on your computer;"
- you may be invited to download free software for a security scan or to
improve your system;
- you could get pop-ups that claim your security software is out-of-date
and your computer is in immediate danger;
- you may suddenly encounter an unfamiliar website that claims to have
performed a security scan and prompts you to download new software.
The FTC reports that scareware schemes can be quite sophisticated. The cyber
criminals purchase ad space on trusted, popular websites. Although the ads look
legitimate and harmless to the website’s operator, they actually redirect
unsuspecting visitors to a fraudulent website that performs a bogus security
scan. The site then causes a barrage of urgent pop-up messages that pressure
users into downloading worthless software.
The FTC suggest that if you’re faced with any of the warning signs of a
scareware scam or suspect a problem, shut down your browser. Don’t click "No" or
"Cancel," or even the "x" at the top right corner of the screen. Some scareware
is designed so that any of those buttons can activate the program. If you use
Windows, press Ctrl + Alt + Delete to open your Task Manager, and click "End
Task." If you use a Mac, press Command + Option + Q + Esc to "Force Quit."
Lastly, make it a practice not to click on any links within pop-ups.
The FBI recommends that you take precautions to ensure your operating systems
are updated and your legitimate security software is current. If you receive
these anti-virus pop-ups, close the browser or shut down your computer system.
Run a full anti-virus scan whenever the computer is turned back on.
Paul Davis is a writer who covers crime & security for newspapers, magazines and the Internet. He can be reached at
pauldavisoncrime@aol.com