What is a Scareware?
A Scareware is a generally a limited or useless software sold by causing fear or anxiety.
This tactic frequently used by criminals involves convincing users that a virus has infected their computer, then suggesting that they download (and pay for) antivirus software to remove it. Usually the virus is entirely fictional and the software is non-functional or malware itself. According to the Anti-Phishing Working Group, the number of scareware packages in circulation rose from 2,850 to 9,287 in the second half of 2008. In the first half of 2009, the APWG identified a 583% increase in scareware programs.
A common encounter is a pop-up on a website indicating that the PC is infected. In some cases it is possible to become infected with scareware even if the user attempts to cancel the notification. These pop ups are especially designed to look like they come from the user's operating system when they are actually a webpage.
Some known scarewares include:
There currently is an epidemic of fake anti-malware software on the Internet– which is collectively called “rogue anti-malware” (aka “scareware”). These fakes are, in fact ‘marketed’ under hundreds of different names, such as “Internet Security 2010″, “Online Scanner”, and “Antivirus XP 2009″.
(Yes, folks, legitimate websites are being ‘hacked’. It’s known as “poisoning”. And search results links are being hijacked. And the cybercriminals can afford to pay for advertising and appear in search results that way too..)
The *people* behind this scourge use many different ways to try to entice you to click – realistic looking pop-up windows appear, offers of “free trials” arrive in e-mail, and “free scan” buttons on legit-looking ‘fight malware’ websites.. the means are quite varied! There’s even some that put a red shield icon in your System Tray (down by the clock) and mimic a Security Center alert.
The ‘false positives’ are not “cleaned”, BUT, more adware and spyware is installed.
In case I wasn’t clear:
1) The alerts are fake. The scans are fake. The results are fake. Don’t fall for it.
2) For you to even see these scans, your machine has been attacked, and you should start a virus removal process immediately.. and/or get help.
3) Epidemic? You bet! Thousands of websites get poisoned each week, and the cybercriminals create their own bogus websites at the rate of thousands a day.
Oh, yes, almost forgot. A new ‘variant’ of rogue is released onto the Internet roughly twice a week…
So how can you protect yourself? Here are some rules to follow:
If you find yourself redirected to a scareware site, don’t click anything. Hit Ctrl-Alt-Del, go to Task Manager, and use End Task to shut down your browser. It’s much safer that way. Once you’ve been redirected to a malicious site, clicking on anything, even the X in the corner, could trigger a download.
Some of the information listed above was gleamed from http://techpaul.wordpress.com/2010/02/10/your-computer-is-lying-to-you-the-epidemic-of-rogues/