Money-motivated con-artists keep copious social engineering tricks in their armour to trap their victims. Alongside the popular techniques, they also actively use decade-old social engineering techniques to lure millions of victims globally. And scareware is considered one of the most compelling instances from the lot.
As its name suggests, scareware primarily targets millions of end-users every year and make a massive sum of money by riding on fear and despair.
In short, scareware is a potentially unwanted application (PUA) or rougueware which impersonates as legitimate-looking security or system utility software intending to make money from its victims’. Scareware often purports as cybersecurity solution software, antivirus, antispy, a firewall of system optimisation software.
[Read More: Social Engineering and the Psychology of Falling Prey to Cybercriminals]
Noteworthy features of a scareware
Scareware often gains a foothold on the victims’ machine, via compromised or malicious web sites, spam email attachments, malvertisement, sponsored browser search result, or black hat SEO techniques. Once it manages to gain access over the victims’ system, it usually pushes pop-up alerts and mentions a plethora of system problems.
These false alert system issues include malware, broken system files, cache errors, spyware, key logger, infected files, and claims to offer a solution to all in exchange for a hefty amount.
Many of the scareware is capable of locking the entire system or flash pop-ups continuously until the victim pays for it. A few notorious scareware families are even capable of blocking legitimate security software from loading or blocking the operating system or AV software to update.
Some of them could even block necessary system tools such as uninstall programs or prevent any third-party tools from getting executed. A few infamous scareware also comes with clickjacking features to ensure routing the victims’ internet traffic to malicious websites even after the victim clicks the exit (X) or cancel button.
[Read More: Social Engineering Knowhow 2: Everything You Should Know About Phishing]
The bad actors often design scareware to look-like authentic software pop-up by borrowing similar typefaces, colours, window design, and other things from legitimate software. They often flash pop-up when the user opens a website, switch between sites, copy files, or execute any essential operation. Once they gain victims’ trust, the scareware routes the device internet traffic to an impersonated version of any reputed cybersecurity or system utility developers site and asks for a hefty amount.
Though scareware is primarily popular among the fake security software developers, they are often used as a social engineering technique to intrude in a system or network.
Even though most of the scareware limits itself to snitch money once from its victims, many steal payment card information too via fake payment gateways. Sometimes scareware is also used to leverage ransomware into the victims’ system.
[Read More: Social Engineering Knowhow 3: All You Need To Know About Vishing And SMiShing]
In its early years, scareware developers primarily targeted Windows users’ for its unquestionable popularity. But for the last few years, scareware attacks are surging on other popular operating system platforms, including macOS, Android, and iOS. The ongoing Coronavirus pandemic has further helped the scareware makers to develop numerous new techniques for all the popular operating systems.
Interestingly, many of the infamous scareware was developed decades ago but are still prevalent. Spy Sheriff for Windows crafted in 2009 and is still visible in the wild. MacKeeper and MacBooster are two commonly visible scareware for macOS users. Two notorious scareware families for Android operating system named Android defender and Android Spy are also visible.
[Read More: Social Engineering Knowhow 4: The Murky Alleys Of Pharming]
The salient aspects of a scareware
To identify scareware as soon as it appears on the system, you should learn the common symptoms. Here go the most basic signs of scareware-
- A pop-up suddenly appears with a critical system error message, mentioning system file, registry, or something identical and asking you to click on a button to get rid of it.
- A pop-up claiming your antivirus/ cybersecurity software license has expired and asks you to renew it through a pop-up window.
- A pop-up appears with some exciting deals or discounts.
- A pop-up starts scanning your system suddenly for malware and displays a plethora of instances that exist on your system. Such scans are usually fake animations to put psychological pressure on you to click on something.
- A random pop-up appears on the browser window and doesn’t let you close it.
[Read More: Social Engineering Knowhow 5: All You Need To Know About Pretexting]
How to get rid of scareware
Protecting your device against any oncoming scareware is comparatively easy if you can hold your patience and think twice before following any instructions. Another most relevant measure to get away from scareware is to install a reputed multi-layered internet security software such as K7 Total Security, which comes loaded with email and site filters, necessary web protection tools, firewalls, and other relevant security protection to block the attacks on its primary phase. Alongside, you should also-
- Turn on the automatic system and application update. You should also keep all the system-installed browsers and plugins updated.
- Turn on the K7 Security pop-up blocker on your system browser to stay away from any irrelevant pop-ups.
- Never click on the download button, or a link appeared on a pop-up window. Never click on its terminate (X) or close button, either. Always terminate the process via the above-told manual method. If you encounter a suspicious pop-up with Scareware-like symptoms in Windows or macOS, you should right-click on the currently active icon appears on taskbar and select Close (in Windows) or Quit (in macOS). Or you can press Ctrl+Alt+Delete in Windows OS or Command+Option+Esc in macOS to force quit the application.
- In case of any emergency, restart your system in safe mode, and don’t hesitate to call our helpline for further assistance.