When we’re scared, we often act irrationally and make decisions we won’t normally make. Cybercriminals know this, and they don’t hesitate to exploit one of the strongest and most unpleasant emotions, fear, to fulfill their sinister plans. Their tool of choice is scareware, malicious software that relies on social engineering tactics to compensate for its lack of technical sophistication.
What is Scareware?
Scareware, also referred to as deception software or fraudware, is a type of malware that uses social engineering techniques to scare users in order to manipulate them into doing something that’s supposedly helpful but actually harmful, such as installing malicious software disguised as a legitimate antivirus program.
What makes scareware attacks unique compared with most other cyber attacks is that their severity depends almost entirely on how users react to them. A user that recognizes a scareware attack for what it is, remains calm, and takes appropriate steps to contain it is unlikely to suffer any damage whatsoever. On the other hand, a user that falls for the attack and does exactly what the attacker wants them to do may be in for a lot of trouble.
How Does It Work?
Most scareware attacks follow a similar pattern. They start with a sudden and urgent pop-up message, warning the target user about a malware infection. The message may mimic similar messages displayed by legitimate anti-malware programs, and it may contain flashing images to attract attention. The most invasive scareware attacks make it difficult for users to close the messages they display.
In addition to warnings such as “You’re computer is infected!” or “Your data will be encrypted!” scareware pop-up messages contain a link to a solution. The solution can be anything from an antivirus program to remote assistance provided via remote access software like TeamViewer.
Of course, the suggested solution will not solve the alleged issue because there’s no issue to begin with—but it may do the exact opposite, such as infect the target user’s device with extremely dangerous ransomware or give cybercriminals remote access to sensitive personal information. In some cases, the provided solution isn’t free, and the goal is to make money by selling useless software or services.
The biggest difference is that scareware is a social engineering attack that’s not capable of causing damage unless it successfully manipulates the target user into doing something that’s against their best interest. On the other hand, ransomware can render entire clusters of computers useless on its own.
The first documented example of a scareware attack happened in 1990, and it was a program called NightMare by Patrick Evans. Like many malicious software programs back them, it wasn’t designed to steal money or encrypt data. Its only goal was to scare Amiga users by displaying an image of a skull with blood gushing out of a bullet hole. The screeching sound effect played together with the image is likely responsible for several spilled cups of coffee.
Two decades after the original scareware attack, Minneapolis Star Tribune newspaper began serving ads for Best Western. The ads led to websites infested with fake Windows support pop-ups and messages which attempted to scare users into purchasing antivirus software to clean their computers. The person behind this scareware scheme made between $150,000 and $250,000 before his arrest.
Because of how profitable fear-based sales tactics can be, even some legitimate companies have been accused of using scareware to increase their profits. Between 2009 and 2016, Office Depot and California-based Support.com were aggressively pushing their diagnostic and repair services via a free “PC Health Check Program.” The FTC alleged that the services were not needed in many cases, and the two companies eventually agreed to pay $35 million to settle the claim.
How to Prevent and Remove Scareware?
Now that you know what scareware is and how it works, let’s discuss what you need to do to successfully prevent and, in the worst case, remove it.
How TechGen Can Help!
As a provider of managed IT services, TechGen can protect your business against scareware attacks by providing 24/7 security monitoring, implementing cutting-edge anti-malware defenses, keeping all of your devices and the software that runs on them up to date, and much more.
Contact us today to learn about how we can help you to protect your business from scareware and other cyber threats.