What is scareware? And how to spot online scareware scams
September 15, 2021
Scareware is a type of malware that leverages pop-up ads and social engineering tactics to manipulate online users into believing they need to buy or download software that’s indeed useless or malicious.
In simpler terms, scareware is a scam, one that reveals itself in the form of pop-up ads encouraging users to act fast to address an alleged cybersecurity problem. As the name suggests, it scares users into handing over their confidential data to what they believe is a legitimate solution to their cybersecurity problem.
And the consequence of downloading scareware can vary and can include credit card fraud or identity theft. Thankfully, there is less need to fear over this cyberattack if you know just what is scareware, how to spot it, and scareware removal tactics — and that’s what we cover here.
There’s a reason why cybercriminals turn to scareware so often: It’s an effective way for them to steal your credit card information, trick you out of your money, and gain access to your computer. And they do this using a few common techniques, like virus removal scams, clickjacking, peddling fake antivirus, and tech support scams.
For perspective, here are some of the earliest real-world scareware examples:
- In 2006, Microsoft and the Washington state attorney general filed a joint lawsuit against the software vendor Secure Computer, alleging it peddled Spyware Cleaner to Microsoft users that was scareware.
- In 2009, a Russian online payment processor, ChronoPay, approached Mac users with scareware that encouraged them to buy fake antivirus software.
- In 2010, newspaper readers were lured by Best Western ads to fake websites that downloaded malware on devices.
- Between 2009 - 2016, Office Depot and OfficeMax customers were manipulated into buying repair services after a PC Health Check insisted their devices were ridden with threats.
Scareware explained + how to identify it
If you’re still wondering “what is scareware” the answer also lies in the question “is scareware a malware attack?” And the answer is yes. As with all malware, it can be delivered in a few different ways. But what causes scareware is all the same — scare tactics.
Also known as deception software, rogue scanner software, or fraudware, scareware generally works like this:
- A pop-up warns that your device has been compromised, perhaps by a virus or dangerous file, inciting feelings of shock, anxiety, or panic.
- The pop-up continues popping up until you click the call to action, perhaps a “download,” “visit website,” or “close” button. When you do, it might redirect you to an alleged solution for your cybersecurity problem, such as antivirus.
- Once you’ve engaged with the pop-up, malware is downloaded on your device, perhaps by yourself or via a drive-by download on a fake website. Ultimately, your data is put at risk, leaving you susceptible to malicious acts.
That malice can come in the form of your computer being held for ransom, bloatware being installed, spyware creeping on your activities, data theft, or credit card fraud — because you’ve given your payment information to a scammer — or identity theft.
Bottom line: No one wants to be a victim of scareware. You can face those fears head-on by familiarizing yourself with the following tell-tale scareware signs:
- The pop-up is dire, perhaps indicating your computer is infected with hundreds of viruses and potentially using all caps and many exclamation points.
- The pop-up warns you to act fast because the cybercriminals behind these attacks want you to purchase and install their malware quickly before you have a chance to think about it.
- The pop-up is hard to close, or clicking on the “X” button to close it instead brings up more pop-ups.
- You’ve never heard of the software company that’s trying to get you to download its product.
- It immediately scans your computer for viruses, displaying a list of the dozens or hundreds of viruses uncovered.
In the unfortunate event that scareware is downloaded on your device, it’s best to know how to remove it — and remove it fast.
Suspicious you’re a victim of scareware? Here are a few common signs scareware is downloaded on your devices:
- Your device is running slower than usual.
- You’re unable to install or use legitimate cybersecurity software.
- Your screen is teeming with annoying pop-up ads.
And in case your scareware suspicion has turned to certainty, you should probably invest in a third-party solution to remove it entirely. But, first, consider following these scareware removal steps for Macs and PCs.
How to remove scareware from PCs
Follow these scareware removal steps for PCs.
1. Navigate to Settings on your Windows device, then select Apps.
2. Under Apps & features, select the scareware from the list of programs.
3. Click uninstall, and OK if a confirmation box appears.
For safe measure, you might want to restart your computer in Safe Mode with Networking, which means it will only use essential programs to run. At this time, you can install antivirus or anti-malware solutions.
How to remove scareware from Macs
Follow these scareware removal steps for Macs.
1. From a new Finder window, navigate to your Applications folder.
2. Select the scareware from the list of applications, then drag it to your trash can.
3. Right-click the trash can and select Empty Trash.
For safe measure, you might want to go into Safe Mode on your Mac, too. To do that, restart your device and hold the shift key until the log-in screen pop-ups. This allows your Mac to use only essential programs so that you can ideally uninstall any malicious software or download antivirus software.
5 tips for scareware prevention
When it comes to scareware, the ideal scenario is that you never get it from the start. Fortunately, a bit of common sense can go a long way in preventing scareware attacks, as well as the following best practices:
- Don’t click malware notifications: Never click on any links or “download” buttons on pop-ups. Instead, close your browser if it won’t go away and, as an alternative, do a hard shutdown of your device.
- Keep your browser updated: By quickly approving updates to your browser, you’ll give yourself the most protection from scareware pop-ups. Consider enabling automatic updates to never miss a security patch.
- Enable pop-up blockers: If you can prevent pop-ups, your screen won’t get filled with advertisements for fake security programs.
- Verify new software before you buy it: Never download anything from or provide credit card information or other personal information to a company whose name you don’t recognize. A quick Google search can tell you if a software is genuinely being advertised to you or if it’s a malvertisement.
- Harness your cybersecurity tools: Take the guesswork out of whether you’re dealing with scareware by investing in antivirus software and enabling URL filters, firewalls, etc.
Sure, scareware can be, well, pretty scary. However, if you approach your online interactions with a Cyber Safe mindset, you can avoid these types of cyber threats to the fullest.
Cyber threats have evolved, and so have we.
Norton 360™ with LifeLock™, all-in-one, comprehensive protection against viruses, malware, identity theft, online tracking and much, much more.
Try Norton 360 with Lifelock.
Editorial note: Our articles provide educational information for you. NortonLifeLock offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about cyber safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses.
Copyright © 2023 NortonLifeLock Inc. All rights reserved. NortonLifeLock, the NortonLifeLock Logo, the Checkmark Logo, Norton, LifeLock, and the LockMan Logo are trademarks or registered trademarks of NortonLifeLock Inc. or its affiliates in the United States and other countries. Firefox is a trademark of Mozilla Foundation. Android, Google Chrome, Google Play and the Google Play logo are trademarks of Google, LLC. Mac, iPhone, iPad, Apple and the Apple logo are trademarks of Apple Inc., registered in the U.S. and other countries. App Store is a service mark of Apple Inc. Alexa and all related logos are trademarks of Amazon.com, Inc. or its affiliates. Microsoft and the Window logo are trademarks of Microsoft Corporation in the U.S. and other countries. The Android robot is reproduced or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution License. Other names may be trademarks of their respective owners.