Scareware, also known as Rogue Security Software, is a class of programs that pretend to be anti-malware solutions. In fact, they do not really detect, remove, or protect against malware. Instead, they report dozens or hundreds of infections which actually don't exist. Once they've dug into a system, they prove extremely annoying until the users either pay the "upgrade" or "registration" fees or find a way to remove them. The FBI has estimated losses to victims in excess of $150 million.
Sources of Scareware Infection
Infection often occurs when users visit a compromised web site and click in pop-up windows offering a free security scan or free security software downloads. These messages often use scare tactics claiming that the user's computer is already infected. Accepting the offered link to the free removal software just installs a more insidious infection. Spam emails and even "drive-by" infections are also possible.
Preventing Scareware Infection
The adage "an ounce of prevention is worth a pound of cure" is nowhere truer than in the world of computer malware. Naturally, keeping security software up to date is the first essential step. Learning to recognize (and thereby avoid) the scams is also important. Messages that pop up claiming to have detected infections or vulnerabilities while the user is visiting a site unrelated to software security are highly suspect. Any security message that appears to have no relationship to explicitly installed anti-malware products is also not to be trusted. In either of these scenarios, users should kill the process from the Task Manager rather than trusting any cancel buttons or even the red 'X' on the window.
Websites offering the free scans or free anti-malware are generally slick and professional in appearance. They feature fake endorsements and high industry ratings which are visually indistinguishable from the genuine articles. The domains and brand names change rapidly, so trying to maintain a "black list" is not very feasible. It is much easier to maintain a list of legitimate, free anti-malware sites, and avoid unfamiliar sites.
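The allow-list approach described above can be enforced in a download helper or proxy rule. The following is an added example, not part of the original article; the domains are constructed placeholders and the function names are hypothetical. It shows why the host must be matched on a label boundary rather than by substring, since a rapidly changing rogue domain can embed a trusted name.

```python
from urllib.parse import urlsplit

# Constructed allow-list: placeholder domains standing in for the vendors
# a user or help desk has actually verified.
ALLOWED_DOMAINS = {"antimalware-vendor.example", "downloads.os-vendor.example"}


def normalize_host(url):
    """Return the lowercase hostname of an https URL, or None if unusable."""
    try:
        parts = urlsplit(url.strip())
        host = parts.hostname  # excludes any userinfo ("name@") and port
    except ValueError:
        return None
    if parts.scheme != "https" or not host:
        return None
    return host.rstrip(".").lower()


def is_allowed_download(url, allowed=ALLOWED_DOMAINS):
    """True only if the URL's host is an allow-listed domain or a subdomain."""
    host = normalize_host(url)
    if host is None:
        return False
    # Match the whole host, or a subdomain on a "." boundary. A substring
    # or bare endswith() test would accept look-alike names.
    return any(host == d or host.endswith("." + d) for d in allowed)


# Constructed sample URLs: two legitimate, four that only look legitimate.
SAMPLES = [
    "https://antimalware-vendor.example/free-scan",
    "https://www.antimalware-vendor.example/download",
    "https://antimalware-vendor.example.free-scan.example/setup.exe",
    "https://fakeantimalware-vendor.example/setup.exe",
    "https://antimalware-vendor.example@scan-now.example/setup.exe",
    "http://antimalware-vendor.example/setup.exe",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        verdict = "allow" if is_allowed_download(sample) else "block"
        print(f"{verdict:5}  {sample}")
```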
Scareware Removal
Because scareware distributors continually change the branding, filenames, and other characteristics of the malware, there is no single tool or method for removing the malware. Manual removal generally requires complicated steps involving registry entries, hidden files, and invisible processes. This type of removal may be beyond the capabilities of the casual user, but general instructions for scareware removal can be helpful. General purpose anti-malware software can remove many of these infections. Sometimes, however, an Internet search for the name the rogue software is using will turn up specific, step-by-step removal instructions.
Victims of scareware can file a report on the Internet Crime Complaint Center, a Federal collaborative law-enforcement and information sharing site.
Published by Joe Poniatowski
A full time IT consultant with over 20 years experience. Clients have included 2 of the big 3, financial institutions, and state and local governments.
- The FBI estimates scareware has cost victims over $150 million.
- Fake security software pretends to scan PCs, and falsely reports multiple infections.
- Learn to avoid scareware, and how to remove it if necessary.




6 Comments
Excellent information. I had a relative who was always clicking on links in emails they received in Hotmail, and several times they ended up with these rogues installing themselves, and almost impossible to get rid of. I had to resort to an Ubuntu (Linux) boot CD in one case to clean up Windows so the program didn't self install every time you booted up. I could think of some nice tortures for the people who create these.
Scareware is really tough to remove. I have had friends and family members that have clicked on this stuff and the only solution I have found with these badly infected machines was to reformat the drives.
Super informative article and one I am bookmarking for reference! Thanks so much!
Thanks, Jan and Vincent, for the comments. Regarding Ubuntu - yeah, even when I have to run Windows (as I do at work) I run Ubuntu in a virtual machine, and I laugh right along with you.
While I am not an IT person, I do a bit of computer work for friends. Often they have scareware they've installed, then wonder why 1. their computer doesn't run, or, 2. why it's so slow. They'll say things like, Oh, I have two or three different protective programs on my computer. I just don't understand why... If I reach a site that says it has detected an infection, I simply hit Ctrl-Alt-Del and end my browser. Of course when I'm in Ubuntu, I can laugh.
I really, really appreciate the heads up on this!