InfoSec Blog - Beware of ScareWare
February 16, 2016
Have you ever seen a pop-up like the one above while browsing the internet? You are surfing the internet, when suddenly your screen is full of popups warning you about an infection on your computer, with windows saying “Click Here” or as in the case above, “Call this number”. It is an easy scam to fall for if you aren’t careful, and can have devastating consequences.
What is ScareWare?
ScareWare is often designed to resemble popular Anti-Virus pop up messages, and the goal is for you to click them so you will either download potentially malicious software, or allow someone remote access to your computer. While these messages indicate that they want to help you, they will likely end up infecting your system, or steal your personal information. In some cases, your computer background will suddenly will change blue, and resemble the classic Windows Blue Screen of Death.
Tips to Protect Yourself
- Ensure you have anti-virus software installed, and that is up-to-date
- Become familiar with what brand of anti-virus you have installed, and what the warning notifications for that product look like
- Limit browsing to the well-known and reputable sites. Avoid high-risk sites, such as online gaming/gambling, pornography, and peer-to-peer/BitTorrent sites
- Do not install software from unknown or untrusted websites/sources, and always verify the source and reputation of the vendor
- If you do encounter ScareWare, close your browser immediately and run an anti-virus scan
- If you receive a phone call from someone claiming to be from technical support, you should be suspicious. Never give control of your computer to a third party unless you can confirm that it is a legitimate representative of a computer support team with whom you are already a customer. (More information on these scams can be found here - https://www.microsoft.com/en-us/safety/online-privacy/avoid-phone-scams.aspx).
Written by: Brendan Hohenadel (Cyber Forensics Analyst, Information Security)