Don’t Get Scammed by Scareware! Here’s How to Stay Safe
Unlike typical malware, spyware, and ransomware, scareware masquerades as real security protection and then frightens you into paying to clean up the infections it pretends to detect. Don’t get duped.
In the classic musical The Music Man, conman Harold Hill frightens a town’s folks into believing that they’ve got “trouble, right here in River City!” Once he has them quaking in their boots, he’s right there with a solution—for a price.
Grifters and con men show up everywhere, including the world of technology. While it doesn’t come with brass-band accompaniment, a big popup announcing that your computer is dangerously infected can certainly cause consternation. Right behind the scare comes the solution: Just pay a fee, and the “helpful” antivirus will clean up all the dangers it found. Many users fall for these scams and wind up paying good money for software that just pretends to clean up imaginary threats or that actively installs malware. Here are some tips to make sure you don’t get scammed by scareware.
Don’t Buy It!
Scareware is a growing problem, and it’s your fault. Well, maybe not you personally, but if absolutely nobody installed these fake antivirus and security suite programs, the bad guys wouldn’t have the funding to keep going. They would just find some other scam.
As it is, plenty of people shell out $39.99 or more to register these frauds. A scareware scam is not at the level of a Bernie Madoff scheme, but some of the fraudsters are so far in the black that they employ tech-support agents. Of course, the first thing you’ll likely hear from their agents is, “First, remove any existing security software…”. That way your antivirus won’t get a chance to warn you about the fake you’re installing.
Many scareware programs copy user-interface elements from real malware protection programs; the multi-color Windows security shield is especially popular. They often use names that sound like the real programs that you’ve heard of. And the era when you could spot scareware by its bad grammar or spelling is long gone. You’re just as likely to find a typo in a valid program as in these slick fakes.
How can you avoid getting scammed? If a security program pops up with a dire warning, but you never installed the program, that’s a clue that the warning is a scam. If it’s surprisingly difficult to close the program or escape the registration process, that’s another clue. For those who’ve already been duped, the biggest giveaway may be the product’s incredibly fast virus detection. Because there’s no real scanning going on, the programmers can make it as fast as they want.
Just look at the screenshot below. This rogue antivirus claims it found 489 issues, but they’re all innocuous temp files and such. What it did not find were the dozens of malware samples present on the test system. Not one!
I should point out that some legitimate programs work similarly. You can scan for free, but you must pay if you want the antivirus to quarantine the threats it found. Perhaps due to the association with scareware, this model is becoming less common. PC Matic Home, for example, used to scan your system for free but require paid activation to clean what it found. It no longer follows that model. Even when it did, it took an hour and quarantined only actual malware. That’s a far cry from the near-instant (and useless) scareware scans.
Call Fake Ransomware’s Bluff
Writing a ransomware program is tough. You’ve got to master libraries of encryption functions or even write your own encryption code. Your program has to evade antivirus programs long enough to do its dirty deeds. And if you’re an honest crook, it must provide a way for the victim to exchange untraceable cash for the decryption key. Lazy malware coders don’t bother with all that. Writing fake ransomware is a snap, and the ransomware protection utilities that take up arms against the real thing don’t notice the fakes. Actual ransomware has to perform certain actions, such as encrypting files. Since the fakes don’t do anything, there’s no behavior to detect.
The typical fake ransomware webpage has a big, scary warning that you are in trouble for some offense, perhaps for viewing porn. It demands payment of a fine through untraceable currency, anything from Bitcoin to convenience-store gift cards. And if you try to leave the page or close the browser, you can’t—you get a message that the browser is locked.
Don’t worry; your browser isn’t locked. The fakers are just abusing a normal feature that’s available to any web page. Web developers can configure pages to pop up a notification when you leave, asking whether you really want to leave. The perpetrators of these fake ransom pages just leverage that simple technology and take away your option to leave. All you need do to call their bluff is kill the open browser window using Task Manager. Mac users can press Command+Option+Escape to bring up the Activity Monitor and Force Quit the stuck browser.
Watch for Scares Everywhere
Fraudsters don’t create fake programs just to scare you into paying for nonexistent malware cleanup. Some of them call you on the phone, warning that your computer is spewing viruses or that your personal data may have been compromised. They may claim they’re calling “from Windows,” whatever that means. They may claim to be from Microsoft—trust me, Microsoft is not going to call you. And they want you to pay via credit card to have them remote-control your computer and fix the problem. So they’ll take your money, misuse your credit card number, and use remote access to plant additional malware and spyware. Don’t fall for it.
Another scam that’s going around arrives as a threatening email. The sender claims to have recorded your visits to porn sites and other unsavory web locations, then threatens to make the recordings public unless you pay up. The ransom tends to be steep; I got one asking for $3,000. Most people can laugh this one off. But if you regularly visit porn sites, even if you do your best to keep your porn habit private, this scam might sting a bit.
While you’re avoiding fakes, don’t forget to vet your VPN. You entrust your VPN to encrypt and protect all your network traffic; you don’t want to hand over that traffic to VPN frauds. Consult our reviews, and pick a known and verified product, so you don’t get stuck with a fake VPN.
Before you consider paying money for any security program, check PCMag’s reviews to verify that is a good one. Watch out for shill sites with fake reviews set up by the roguesters themselves. Carefully peruse PCMag’s roundups of the best antivirus programs. Armed with the information you’ll find there, you can make an informed choice, free of scareware worries.
Originally published at https://www.pcmag.com.