Scareware: Definition, Identification & Prevention
Scareware is a form of malignant software (malware) that users are tricked or scared into downloading. Once activated, the software exposes data, deletes files, steals funds, or takes some other form of harmful action.
But finding a simple scareware definition isn't easy. Plenty of different software types, each with a slightly different function, could qualify for the term.
Scareware developers are savvy. The prompts they use often look legitimate and official. And the text urges you to act fast, so you don't have time to think about the harm you could cause with each click.
Being cautious with your clicks is your best defenses against scareware. Think hard before you click on anything that could be out of the ordinary. And remember that just closing your browser is sometimes the best way to protect your computer and your network.
But if you are infected with scareware, antivirus software can clean up the damage. If you act fast, it doesn’t have to be catastrophic.
What Is Scareware?
You're working on your computer, and a window appears. It mentions that your computer is infected, and all your files will soon be erased. Click a button to start the scan, you're urged. It's the only way to continue.
A scareware prompt like this blends urgency, fear, and computer programming into something you just can't ignore.
Plenty of scareware examples exist, including:
- Scamware. Programs like SpeedUpMyPC promise to wipe away viruses with just one click. But as experts explain, no simple click can clean your computer. Starting the scan installs malicious software instead.
- Spyware. You're encouraged to download and install a file or an app. The program starts collecting your data, your clicks, and your logins. Some spyware prompts come via email, but other threats appear in app stores. Just as scareware can infect your computer, some versions can take over your phone.
- Ransomware. You tap a button to download some software. Then a screen appears, locking you out of your own system. You’re told that access to your files can't be restored until you pay.
- Spear phishing. An individual or groups of individuals inside an organization or business gets an email encouraging some kind of action. The action seems legitimate, but instead convinces them to surrender sensitive data or financial information. An entire enterprise IT system could fall in response to an attack like this.
In general, if you're scared or tricked into downloading software that will do you harm, you're dealing with scareware.
How Scareware Gains Access to Your Information
Chances are, you click on hundreds of buttons on your computer screen every day. You tap "Next" buttons to see new search results, you hit "Submit" to turn in forms, and you click an "X" to close a window. Each movement seems harmless. But when you're dealing with scareware, each click starts a serious chain of events.
Consider scareware popup ads. The process works like this:
- Attention-getting popup: You're shown a big window or modal that blocks all of the work you were doing. It seems that you have to act before you can do anything else on your computer.
- Threatening text: You're told that you'll lose access to all files. Or you're told that your search history (including anything unsavory) or personal information will be shared.
- Multiple buttons: You're told to click a button to make it all stop. Even the button you might use to close the popup is a potential source of entry.
- Clicks happen: You click a button which purports to do one thing, but instead it triggers a download.
Or consider a pseudo-antivirus program. You get an email that tells you that your computer is vulnerable to a virus, and by paying one low fee, you can fix the problem. The process works like this:
- Enabled buttons: Anything you click within t