Scareware Definition
Scareware is defined as malicious software that tricks users into visiting malware-infested websites. Also known as rogue security software, rogueware, or fraudware, scareware can come in the form of pop-up windows that appear as legitimate alerts from anti-virus software companies alerting you to infected files on your computer. These alerts are designed to look authentic and scare users into paying to quickly purchase the software that can solve the problem. However, the result of the download is fake anti-virus software, while in reality, it’s malware intended to steal the victim’s personal information.
Attackers use other tactics as well, such as sending spam email messages to distribute scareware. Once the email message is opened, victims are tricked into purchasing their services. These traps also often result in identity theft and other types of fraud.
Scareware typically follows a common pattern.
- Firstly, pop-up windows appear, alerting the user that there are dangerous or pornographic files on the computer.
- These windows then continue to appear until you click the “remove” buttons or register with the suggested anti-virus software. Pop-up scams usually look like real warning messages.
Using social engineering tactics scareware pop-ups often:
- Imitate the logos of legitimate anti-virus programs and software companies
- Show a screenshot of the “infected” files on your computer
- Show a progress bar as your computer is being scanned
- Contain flashing red images
- Use capital letters and exclamation points