ScareWare

What is it?

Scareware uses a form of manipulation to convince users to buy or download useless, or even malicious software, for example a fake “security” software.

Through interactive content such as pop-up ads, scareware uses social engineering to convince you to install the software, taking advantage of your fear. Scareware criminals can do anything from selling you fake and useless tools to installing damaging malware and getting your sensitive data. Scareware typically convinces you to download ransomware (a malware that threatens to publish your personal data or perpetually block access to it unless you pay)

Danger:

Scareware criminals frequently make their tools look official and believable. And so that you don’t think twice about its legitimacy, they ask you to act very fast.

What does a Scareware attack look like?

  • You can be shown a window that covers all of your work, which looks like you have to click on something before continuing your previous work. It often displays a threatening announcement convincing you that you will lose access to all your file files, unless you follow their instructions.

    You can be told to click on a button to stop the unwanted event from happening. Even the button to close the popup window is a potential source of virus’ entry. Once you click a button it triggers a download of malicious software
  • Another scenario is when you get a notification about your computer being vulnerable to a virus, which proposes you to pay a fee to fix the problem for the pseudo-antivirus program.

    Similarly to the previous situation, any button you click within the message can be a potential trigger for downloading malicious software.

    The criminals can use legitimate-looking websites where you get redirected to a web destination that looks professional and real. They ask you to enter your bank details to pay for the “anti-virus” software, thus obtaining all the information they need.

    • How to detect a ScareWare?

    Pay attention to when an unexpected window appears on your computer while you’re working. It is going to urge you to provide extremely sensitive information as fast as possible, as opposed to legitimate software providing useful information and nor threatening you.



    Types of scareware:
  • Scamware= programs promising you to clean your computer from viruses but instead installing malicious software to it.
  • Spyware = collects your personal data, your actions and passwords through an application that you downloaded from an app store. They can infect your computer as well as your phone.
  • Ransomware = blocking access to your working environment or to your files until you pay.
  • Spear phishing = a message encouraging you to do something (seemingly legitimate) in order for you to reveal confidential information.
    		•

    Scare Ware

    Arina Shteyn

    		 next article