Reetwika, a cyber security expert, tells us how to protect ourselves from Scareware alerts. She gives invaluable tips to protect ourselves from such frauds, in the weekly column. A Different Truths exclusive.
While browsing the internet, have you ever received a popup alert similar to this – “Our antivirus has detected dangerous malware in your PC. Click here to take immediate action.”
Or, maybe you have been cautioned by browser warnings like – “Virus Alert! Your machine has been heavily infected. Use our free online antivirus services to disinfect your machine in just 5 minutes.”
And what action would you take in either of these cases? Must be what majority of us will do – immediately click the link to run the antivirus scan and get to see a message like this – “Thank you for choosing us. We are scanning your system. It may take some time. You can minimise the window and continue with your work. We will notify once it’s done.”
You are so happy to enjoy their free and prompt service; thoughtlessly you keep browsing the internet, as usual, transferring the entire headache to the antivirus provider. And after a quick scan of say 8 minutes, you see another notification reading “Congratulations! All malware have been detected, quarantined and deleted. Now you are safe to use your PC.” You thank God. It’s all cleaned without spending a penny along with an uninterrupted internet surfing experience.
Next time as you switch on your PC, you find a message popping up from the same antimalware service provider – “Hope you enjoyed our free antivirus. It can be yours for 5 years. You just need to pay a onetime nominal processing fee of $10. Click here to subscribe.”
Compared to their hassle-free online service, the payable amount seems negligible. So, you instantly decide to subscribe to their online antivirus service instead of buying, installing and activating a CD-based product from a cyber retailer every year. And you make the payment with your international gold credit card.
From that day within a month’s time, you stumble upon degrading PC performance, sudden data losses, unwanted folders being created on your desktop, disk space congestion, etc. followed by a ransomware threat and fraudulent credit card bills. You are totally taken aback! Even after choosing such a fabulous antivirus service, what went wrong? Most importantly, where did it go wrong?
Oh, there is no doubt that you have been scammed. Let me help you comprehend the anatomy of the attack.
What is Scareware?
A Scareware is a malware which injects computer virus in the disguise of a fake antivirus program. They typically spawn false virus alerts to grab initial attention and scare customers with cautionary notices so that the poor users do not waste much time to ponder about the alert’s credibility. And thus they are easily pranked.
Millions of users worldwide fall prey to such scams and are often fooled by the fraudsters. The Scareware popups imitate genuine malware alerts as generated by legitimate antiviruses so convincingly that it often becomes difficult to identify at first glance. A lot of efforts go in by the conmen in simulating the fake GUI to ensure a trusted look and feel, resembling that of a reliable security product.
Basically, they exploit common human psychology very adroitly and trick users to grow faith on their fraud products, make them believe as genuine by offering useful free services in the beginning and then exploit the trust earned.
Anatomy of Scareware Attack
They first send a push notification of virus alert and make you click on their hyperlink so that you download and install their fake antivirus on your machine. Once installed, the software program is an absolute nuisance. It typically remains dormant for few hours before becoming active. Then suddenly, it starts affecting your PC’s hardware – degrading speed, increasing processing time, sloth behaviours, full disk space, sudden data losses, creation of innumerable files in your Programs folder, inability to close open windows, changing desktop wallpapers, new browsers, unwanted plugins, new desktop icons, default homepage redirecting to unknown website etc. They may also bombard with extremely annoying messages, continuously warning you about new virus infections so that you visit their phished website again and download further malwares in the name of upgrading your antivirus.
But in reality, such infections do not exist at all; even if the antivirus appears authentic. Being an unwary user, anyone will be scared by the perceived gravity of the alarms and tricked into paying for a counterfeit subscription. Not only will you be cheated financially, but also they will deactivate your actual antivirus program if any so that they can gain full access of your machine, hard disk data, and personal files.
Scarewares commonly exercise push sale strategies to force your decision on an emergency. They may even push you to share your credit card details for the online subscription. Here’s my easy to follow tips to increase your awareness about fake antivirus programs and overall cyber security posture.
1. As a sensible computer, internet and technology user, you must be cautious about choosing your correct antivirus partner. Else, you will be in grave danger in no time. Always remember there is nothing called free lunch. If someone offers a tantalising service for free, do doubt its credibility and try to gauge why is a world-class company offering free services to you? What comes with it piggybacking?
2. Do not install multiple antivirus programs in the same PC expecting increased protection. It will be reversed in most of the cases. If you need to switch your antivirus vendor, do uninstall all the existing antivirus files, delete its traces from the Windows ‘Programs’ folder and then freshly install the new one. Else, you will start facing several operational issues as most of the reputed antivirus suites have conflicting programs installed for their proper functioning.
3. Frequently defragment the disk space to ensure efficient performance of your system memory. It is a time-consuming process indeed, so you should schedule defrag operations wisely.
4. Regularly update your antivirus and antispyware applications. If you are an intensive open internet user, you may also prefer to install a personal firewall to improve the level of protection. However, Windows comes with a default firewall but that might not be comprehensive to suit all your needs.
5. Do not open unsolicited email attachments, download and double-click free executable files (ex: file extensions like .exe, .bat, .com, .vbs, .pif, et al), click on glaring warning notices with awkward choice of words, respond to popup ads or antivirus alerts etc. It’s a good practice to configure your Operating System in a way that disables auto execution of downloaded files.
6. Scammers often mask behind popular computer security product names to gain your initial faith. You may use popular popup blockers to prevent them getting displayed in your browser at first place.
7. Avoid visiting untrusted websites or clicking links sent via spam emails. They often have pre-set applications to implant malwares into your machine.
8. If you receive virus alerts from an unknown antivirus, which you have not installed in your machine, it’s likely to be a Scareware. Take conscious efforts to identify the trustworthiness of the warning message.
9. If you happen to receive any con call stating to help you upgrading your antivirus protection, be sure about its ingenuity. Do not allow them to access your machine remotely or follow any instructions over the phone to change your current browser settings. There is a high chance of being pranked by Scarewares.
10. Do not trust the tech support contact details provided in any popup alert. They are likely to be fake. Instead, personally contact your running antivirus service provider for alert verification.
11. Subscribe to reliable cloud-based web security services to prevent Scareware attacks. They are cost effective as well as offer timely auto renewal. No need to physically purchase discs, install, activate and renew on an annual basis.
12. It is a good practice to always scan a USB stick every time after plugging into your PC. This prevents any virus which may be present there from infecting your system. Auto scanning can be enabled from your antivirus’s settings tab.
13. Rather than to trust an unknown online antivirus program, first run a full system scan by your original antivirus in case of any suspected virus infection. If it were a Scareware alert, your real computer security suite should not detect any threat.
14. In case of virus infection where you are unable to close any window or attempting to close an existing window opens further new windows, do not use the ‘X’ button in the top right corner. That gets infected first by a Scareware. Instead, press Ctrl+Alt+Del to open Windows task manager, inspect all the running programs, select the unwanted ones and hit ‘End’ to pre-empt or force stop the popups.
15. The safest solution of virus disinfection is hard disk formatting but that is not suggested always. It involves lots of technical expertise to do it effectively and also is time intense. Be sure to take back up of all your data before formatting the machine.
Photos from the Internet
#CyberSecurity #CyberCrime #ScarewareAttack #TipsAgainstScarewareAttack #DifferentTruths
Reetwika Banerjee is a Cyber Security Expert presently associated with a US consulting giant. She holds international MBA degree in Information System & Security and aims to be the face of women in security. During leisure hours, she enjoys writing books, news columns, travel blogs and films. She holds 2 World Records and 3 National Records for devising three innovative concepts in Modern Literature. A native of Kolkata, she is now a resident of Bangalore.