Security Corner

Feb 18 2009   5:05PM GMT

Scareware–Using Fear & Deception to Dupe Consumers

Ken Harthun Ken Harthun Profile: Ken Harthun

You’re checking out your favorite web sites when out of the blue a scary message appears on your desktop, which may look like the picture below, or it may just be a box that says “Warning! Spyware detected on your computer!”

What do you do? If you’re the average computer user, this will probably scare you (which is why it’s called “scareware”). You’ll be very tempted to click on the button, thinking that you are ridding yourself of some nasty spyware, but don’t do it: The message is a fake and you’re not really infected. If you click, however, you are going to get infected by some really nasty stuff.

Not only that, but clicking will probably bring up a “registration” screen and if you click on that, you’ll be taken to a web site where the crooks try to sell you their bogus–and totally useless–“security” software. Not only will they dupe you out of $39.95, $49.95, or whatever they’re charging, they’ll get your credit card or banking information and maybe clean you out for real. It’s all a scam and the criminals who run these things are making millions.

The only defense is knowing that these scams exist and not falling for the ruse if you’re ever hit by one. With that in mind–and with some help from various sources on the web–I present a list of some of the more prominent “scareware” scams. This list is by no means complete; new variations appear regularly. But all of them use the same tactic: scare the victim into taking some action.

  • AntiVirus 2008, 2009 and 2010: The above screenshots are of Antivirus 2009, but all three are basically the same program and have similar appearance.
  • AntiVirus Plus: Sometimes uses Microsoft Security Center alerts to trick you into thinking it’s legit. The screen shot below is totally bogus.

  • AntispywareXP 2009: Very intrusive. The fake alerts and scan results overload your system and slow it down.
  • XP Antispyware 2009: Virtually the same as AntispywareXP 2009.
  • WinDefender 2009: This little gem will always find malware on your system. Of course, what it finds is bogus, but it’ll scare you enough to dupe you into buying the software.
  • Personal Defender 2000: Uses the same tactic as WinDefender 2009, but gives a warning about your firewall and then tries to get you to buy the software.
  • AntiVirus Sentry: This is one that will often download itself even if you don’t click on anything.
  • Security 2009: The crooks responsible for this one have the audacity to advertise it on the Web as if it’s a legitimate application.
  • ProAntispyware 2009: You might see this one advertised on the Web, too.
  • RapidAntiVirus: This one is capable of damaging your system because it identifies legitimate system files as malware. If you remove the files, you can crash your PC.
  • Antispyware 3000: Usually budled with Trojan Horse programs. Looks legit, but don’t let it’s slick appearance fool you–it’s bogus.

Thanks to Redmond Magazine, bleepingcomputer.com, Microsoft Malware Protection Center, and others for information used to compose this post.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: