Scareware: Definition, Identification & Prevention

Scareware is a form of malignant software (malware) that users are tricked or scared into downloading. Once activated, the software exposes data, deletes files, steals funds, or takes some other form of harmful action.

But finding a simple scareware definition isn't easy. Plenty of different software types, each with a slightly different function, could qualify for the term.

Scareware developers are savvy. The prompts they use often look legitimate and official. And the text urges you to act fast, so you don't have time to think about the harm you could cause with each click.

Being cautious with your clicks is your best defences against scareware. Think hard before you click on anything that could be out of the ordinary. And remember that just closing your browser is sometimes the best way to protect your computer and your network.

But if you are infected with scareware, antivirus software can clean up the damage. If you act fast, it doesn’t have to be catastrophic.

What Is Scareware?

You're working on your computer, and a window appears. It mentions that your computer is infected, and all your files will soon be erased. Click a button to start the scan, you're urged. It's the only way to continue.

A scareware prompt like this blends urgency, fear, and computer programming into something you just can't ignore.

Plenty of scareware examples exist, including:

  • Scamware. Programs like SpeedUpMyPC promise to wipe away viruses with just one click. But as experts explain, no simple click can clean your computer. Starting the scan installs malicious software instead.
  • Spyware. You're encouraged to download and install a file or an app. The program starts collecting your data, your clicks, and your logins. Some spyware prompts come via email, but other threats appear in app stores. Just as scareware can infect your computer, some versions can take over your phone.
  • Ransomware. You tap a button to download some software. Then a screen appears, locking you out of your own system. You’re told that access to your files can't be restored until you pay.
  • Spear phishing. An individual or groups of individuals inside an organization or business gets an email encouraging some kind of action. The action seems legitimate, but instead convinces them to surrender sensitive data or financial information. An entire enterprise IT system could fall in response to an attack like this.

In general, if you're scared or tricked into downloading software that will do you harm, you're dealing with scareware.

How Scareware Gains Access to Your Information

Chances are, you click on hundreds of buttons on your computer screen every day. You tap "Next" buttons to see new search results, you hit "Submit" to turn in forms, and you click an "X" to close a window. Each movement seems harmless. But when you're dealing with scareware, each click starts a serious chain of events.

Consider scareware popup ads. The process works like this:

  • Attention-getting popup: You're shown a big window or modal that blocks all of the work you were doing. It seems that you have to act before you can do anything else on your computer.
  • Threatening text: You're told that you'll lose access to all files. Or you're told that your search history (including anything unsavoury) or personal information will be shared.
  • Multiple buttons: You're told to click a button to make it all stop. Even the button you might use to close the popup is a potential source of entry.
  • Clicks happen: You click a button that purports to do one thing, but instead it triggers a download.

Or consider a pseudo-antivirus program. You get an email that tells you that your computer is vulnerable to a virus, and by paying one low fee, you can fix the problem. The process works like this:

  • Enabled buttons: Anything you click within this email could be a hot button that triggers a download.
  • Legitimate-seeming websites: A button click brings you to a web destination, the site looks slick and professional.
  • Payment options: You enter your credit card information to start the transaction. The hackers now have your financial information.
  • Software download: Complete the transaction, and you're encouraged to download the software.

Once the software sits within your system, it can morph and modify to avoid your antivirus software. It may also replicate, so attempts to eliminate it might leave a copy behind. 

Scareware Removal & Recovery

Hackers and developers want their software to stay on your computer for weeks, months, or even years. They work hard to ensure that you don't remove the programs from your computer. But with a little hard work, you can do so.

Follow this multi-step process:

  • Update your antivirus software. If you have a program installed on your computer, ensure that you're using the current version. Updates include data about new threats, which might include the one sitting on your computer.
    Workplace computers often have antivirus programs installed. If you can't find yours, talk with your IT team.
  • Run an antivirus scan. Start the program, and encourage a deep cleanse. Skip over versions that run quickly in the background. Dig as deep as the software will allow.
  • Windows users: Try Windows Defender Antivirus. This software comes bundled with Windows 10, and it could pick up threats your commercial virus programs pass by. It takes about 15 minutes to run a complete scan with this program.
  • Restart your computer. With two scans completed, ideally with two types of software, you're ready to test your system. If you see even more windows appearing in front of your computer screen enticing more downloads, you're likely still infected.
  • Ask for help. If all of your DIY work doesn't clean your computer, an IT professional could be an important ally. Ask this person to walk through your entire system to find and eliminate the scareware.

Downloading scareware takes seconds. Recovery takes much longer. But plenty of people recover from attacks just like this.

Scareware in the News

If you've dealt with nasty virus downloads, you're certainly not alone. These attacks are common, and plenty of people and companies have been caught in the web of these scams.

Reporters point out that hackers are adept at working around rules imposed by browsers. They change techniques often. For example, some hackers now use a fake alert to warn users of an imaginary threat, and these users are encouraged to download malware directly from an app store, not just by clicking a button.

Other scareware threats use old-school techniques. An insurance agent in Tennessee, for example, lost more than $2,000 in 2020 from a scareware scam that began with his computer and concluded with a phone call. He paid the hackers directly to "fix" a problem with his computer and then paid a second sum when the hackers triggered a malware relapse.

The Federal Trade Commission (FTC) is aware of the threats caused by scareware. When possible, the agency takes action to recover lost funds. In 2012, for example, FTC lawyers secured a $163 million judgment against a scareware manufacturer. In 2011, an FTC settlement with a scareware company resulted in checks paid to more than 300,000 victims.

Preventing Malware & Virus Attacks

IT experts can clean up your computer, and lawyers and the FTC can help you fight back after a scareware issue. But your best option is to avoid these issues in the first place.

To keep scareware far away:

  • Use trusted antivirus scanners. Ensure that your computer is protected and download updates for accurate threat scans. Remain vigilant, and allow for frequent scans. You may not know you're infected.
  • Download browser updates. Companies like Firefox release new versions regularly, and those update files could include virus protections. Make sure you're using the current version.
  • Set up adblocking. Some scareware developers rely on popups that sit in front of browser windows. Changing your settings to block pop-ups and ads could keep those threats from deploying on your computer. About 40 percent of computer users didn't know that antivirus scanners aren't ad blockers. If you're one of them, this tip could be incredibly useful for you.
  • Close your browser. Scareware is tricky, and sometimes, closing a window means downloading software. Closing your browser altogether, even if it means losing a bit of work, is the safest option.

If you're unsure about a site or a button, do a little digging before you click. Consider:

  • Hovering. Placing your cursor over a button should tell you where you're headed after a click. If you see a destination you don't recognise, be careful.
  • Typing. If you're sent a scareware email from a company you know and trust (like your bank), head to the company website via typing the address in your browser bar. Or call customer service directly. You may find that all the words of warning in the email are fictitious.
  • Thinking. If a threat hits close to home, stop before you react. For example, if a hacker threatens to expose your browser history, think about how the person would get that data. Is it legitimate? Or is the person preying on well-known fears, such as unsavoury website visits?

No matter how much a scareware developer wants to harm you, it's not possible unless you play along. Take steps to protect yourself, and ensure that you're clicking with care. Don't let anyone pressure you into making a mistake.

We Can Help

Okta provides an end-to-end suite for responding to cyber threats, including malicious programs like scareware. Discover how Okta can help keep your infrastructure safe.

References

Scamwear. Weber State University.

Beware: New Android Spyware Found Posing as Telegram and Threema Apps. (October 2020). The Hacker News.

How to Remove Malware From Your PC. (August 2018). PC.

Scareware Popups Trick Mobile Users Into Clicking Malware: Report. (October 2020). The Hindu Business Line.

Convincing Malware Scam Costs Insurance Agent More Than $2,000. (July 2020). WATE.com.

FTC Case Results in $163 Million Judgment Against Scareware Marketer. (October 2012). Federal Trade Commission.

FTC to Provide Refunds to Victims of Bogus Scareware Scam. (December 2011). Federal Trade Commission.

Six Things You Should Know About Spyware Right Now. (October 2020). Digital Market News.

Millions Tricked by ‘Scareware’. (October 2009). BBC News.

Everything You Need to Know About Mac Scareware. (May 2011). Computerworld.

Do Not Click This ‘Coronavirus Map’ — It’s a Dangerous Scam to Hijack Your Device. (March 2020). The Sun.

Ad Blocking: Who Blocks Ads, Why, and How to Win Them Back. (July 2016). IAB.

How to Identify and Avoid Scareware Scams. (June 2020). CPO Magazine.