It seems that I’ve fixed at least 50 computers since the first of the year that have been infected with “scareware.” Short for “scary software (I guess),” scareware is a form of extortion, as it is designed to scare you into giving a crook some money.
Emerging about two years ago, scareware succeeds by exploiting the fact that most people don’t know much about their computers. This state of ignorance has turned scareware into one of the most profitable scams on the Internet.
The simplicity of a scareware attack is one key to its success. Somehow, someway you land on a website that triggers an official-looking “Alert” that pops up, warning you that your computer has been infected by a gazillion viruses, Trojans and spyware programs. You are then offered the opportunity to buy a program that will get rid of all those nasty viruses. It’s a virus offering to sell you an antivirus program, which is itself another virus. Clever, isn’t it?
Scareware alerts can come from infected, but otherwise legitimate websites, such as Microsoft’s MSN Norway website or Sony’s Playstation site. Even the New York Times’ website was hacked last year to serve up scareware. Scareware alerts can also be found on legitimate-looking but totally bogus websites specifically setup to nab potential victims.
The first step in protecting yourself against scareware is to know which antivirus program is installed on your computer. Do you use Norton? Avira? Avast? Trend Micro? Once you know what antivirus program you use, you’ll know that antivirus alerts and scans coming from any other program are fakes, and can hopefully avoid becoming infected.
I’ve had victims tell me, “I didn’t click on anything; it just popped up and got me.” Sadly, such a scenario is impossible. Somewhere, somebody clicked on something. Maybe the victim clicked on a button inside the alert that said “No” or “Cancel.” Maybe they clicked on the “X” in the corner to close the popup. All of those responses to a scareware alert lead to the same thing: infection. Never click anything in a scareware popup.
To get out of a scareware alert, hit the Control, Alternate and Delete keys (Ctrl, Alt and Del) at the same time and use Task Manager to force your browser to close. Then, use a cleanup program such a Ccleaner (link on my website) to empty your browser’s cache and temporary files. Failing to perform this final task can lead to the scareware popup reappearing the next time you run your browser.
Next, install Web of Trust. For instructions, see the column that I wrote in June of 2009 titled, “Who do you trust?” Web of Trust can warn you about potentially dangerous websites.
Users of the Firefox website browser (which should be everyone) should also install the NoScript extension found at noscript.net. NoScript gives Firefox users the ability to block the tiny programs called “scripts” that scareware popups depend on.
Of course, none of these solutions are permanent; there’s no such thing as a “set it and forget it” solution to Internet safety and security. The Internet is a constantly changing landscape and those who wish to continue enjoying its many benefits need to remain vigilant.