You’re checking out your favorite web sites when out of the blue a scary message appears on your desktop, which may look like the picture below, or it may just be a box that says “Warning! Spyware detected on your computer!”
What do you do? If you’re the average computer user, this will probably scare you (which is why it’s called “scareware”). You’ll be very tempted to click on the button, thinking that you are ridding yourself of some nasty spyware, but don’t do it: The message is a fake and you’re not really infected. If you click, however, you are going to get infected by some really nasty stuff.
Not only that, but clicking will probably bring up a “registration” screen and if you click on that, you’ll be taken to a web site where the crooks try to sell you their bogus–and totally useless–“security” software. Not only will they dupe you out of $39.95, $49.95, or whatever they’re charging, they’ll get your credit card or banking information and maybe clean you out for real. It’s all a scam and the criminals who run these things are making millions.
The only defense is knowing that these scams exist and not falling for the ruse if you’re ever hit by one. With that in mind–and with some help from various sources on the web–I present a list of some of the more prominent “scareware” scams. This list is by no means complete; new variations appear regularly. But all of them use the same tactic: scare the victim into taking some action.
- AntiVirus 2008, 2009 and 2010: The above screenshots are of Antivirus 2009, but all three are basically the same program and have similar appearance.
- AntiVirus Plus: Sometimes uses Microsoft Security Center alerts to trick you into thinking it’s legit. The screen shot below is totally bogus.
- AntispywareXP 2009: Very intrusive. The fake alerts and scan results overload your system and slow it down.
- XP Antispyware 2009: Virtually the same as AntispywareXP 2009.
- WinDefender 2009: This little gem will always find malware on your system. Of course, what it finds is bogus, but it’ll scare you enough to dupe you into buying the software.
- Personal Defender 2000: Uses the same tactic as WinDefender 2009, but gives a warning about your firewall and then tries to get you to buy the software.
- AntiVirus Sentry: This is one that will often download itself even if you don’t click on anything.
- Security 2009: The crooks responsible for this one have the audacity to advertise it on the Web as if it’s a legitimate application.
- ProAntispyware 2009: You might see this one advertised on the Web, too.
- RapidAntiVirus: This one is capable of damaging your system because it identifies legitimate system files as malware. If you remove the files, you can crash your PC.
- Antispyware 3000: Usually budled with Trojan Horse programs. Looks legit, but don’t let it’s slick appearance fool you–it’s bogus.
Thanks to Redmond Magazine, bleepingcomputer.com, Microsoft Malware Protection Center, and others for information used to compose this post.