Beware of Scareware

You’ve probably seen it… you’re surfing along and up pops a window saying something like “Your computer is infected with 182 viruses – click here to fix”.

We’ve had several clients who’ve clicked on it and infected their computers. It puts an icon in your SysTray that keeps blatting about going to a web site and paying money to fix the problem. In many cases it limits your access to antivirus sites, can steal personal data and slow your computer.

It’s extortion. They infect your computer and then want money to fix it. It’s another form of phishing, luring you in under false pretenses. The term for it is “scareware”.

These scareware popups can occur anywhere, even on major sites. They can look like official Microsoft dialog boxes – I’ve even seen them look like Windows Security Alerts…

Simulated Microsoft Alert

Simulated Microsoft Alert

WHAT TO DO?  If you run into one of these treat it like you would a rattlesnake – back away. You probably won’t be able to use your browser’s Back button and you DON’T want to click on the red X to close it. Hackers can change the effect of the red X to activate it rather than close it.

I recommend closing your browser. If you are using a firewall like ZoneAlarm you can try engaging your Internet lock, then try the red X to close the window, but I always just close the browser. It’s a pain in the butt, I know, but it’s less of a pain than trying to exorcise the resulting malware infecting your computer.

You can always use your browser History to get back to tabs you had open. And if you are using Firefox, make sure you start a new session when the browser comes back up.


Further reading:

Scareware’s pitches for fake security show up in odd places (USA Today)

Watch out for fake virus alerts (Microsoft Security)