Scareware is a social engineering scam that preys on fear to trick people into downloading malware, losing money, or giving away personal data.
Understanding scareware
Scareware typically starts with a deceptive message, often as a pop-up window, spoofed text, or phishing email. The hallmark of scareware is its use of scare tactics, such as threats of computer viruses or legal action, to pressure victims into taking immediate action.
These deceptive messages often appear legitimate, using the logos of well-known companies or disguising themselves as system notifications or antivirus program reports.
Types of scareware scams
Fake virus scams
One of the most common tactics employed by cybercriminals is the use of fake virus scams. These scams typically involve pop-up messages that warn users about malware infections on their devices. These pop-ups often mimic the appearance of antivirus software scan reports, making them appear convincing to unsuspecting users. The scammers then direct users to download fake security software, which not only steals their money but may also install additional malware on their devices.
Fake tech support
Another popular scareware scam involves scammers posing as tech support personnel from reputable companies like Apple or Microsoft. These scams often begin with a pop-up message instructing the victim to call a phone number for assistance. In some cases, scammers may even cold call their victims. Once the scammer establishes contact, they employ various tactics to trick the user into uninstalling genuine security software and granting remote access to their device. From this point, the scammer can either steal sensitive data from the victim or install malware.
Tech support scammers sometimes charge victims for fraudulent services, as in the 2019 Office Depot scandal. Employees of Office Depot were found to be running fake scans on customers' computers and using the results to sell unnecessary repair services. This scandal resulted in significant financial penalties for Office Depot and its partner, Support.com.
Malvertising
Malvertising is a scam where hackers hijack ads on platforms like Facebook and Google, using them to spread viruses and malware. In the context of scareware, users may encounter an advertisement on a webpage offering free antivirus software.
Law enforcement scams
In law enforcement scams, cybercriminals masquerade as police officers or FBI agents to intimidate and deceive their victims. This scam typically involves a pop-up informing the victim that illegal material has been found on their device. To resolve the supposed issue, the scammers demand payment, promising to make the problem disappear. Sometimes, these pop-ups even lock the victim's screen until the payment is made, adding additional pressure to comply.
Read more: How to guard against scareware
How scareware operates
When users follow the instructions provided by scareware messages, several outcomes are possible:
Data theft
In some cases, victims are led to scam websites where they enter their credit card information to purchase fake security software. This software is nonexistent, and scammers use this opportunity to steal the victim's data, potentially leading to identity theft.
Worthless software
Scareware may also trick users into paying for entirely useless software, except for possibly slowing down their devices.
Malicious software
Scareware can serve as a trojan horse, delivering malicious software like spyware, which secretly collects personal data without the victim's knowledge.
See also: HIPAA Compliant Email: The Definitive Guide
In the news
The Spanish National Police successfully apprehended a Ukrainian national, internationally wanted for orchestrating a scareware operation from 2006 to 2011. This extensive scheme infected hundreds of thousands of computers worldwide, displaying misleading pop-up messages that tricked users into believing their systems were compromised by malware. Victims were coerced into paying $129 for a bogus security program, purportedly capable of cleansing their devices. This operation defrauded consumers of over $70 million globally.
The suspect was arrested on June 11th, 2023, at Barcelona-El Prat airport, following intelligence gathered by Spanish authorities about his flight plans. The arrest was facilitated by an Interpol Red Notice issued by the United States. Following his capture, the suspect was presented to the Central Investigating Court number Six of the Spanish National Court and placed under immediate custody due to the grave nature of the charges. This arrest follows the Spanish police's recent dismantling of a large-scale phishing operation, proving their ongoing efforts to combat cybercrime.
FAQs
What is scareware and how can it affect the healthcare industry?
Scareware is fake security software that tricks users into thinking their system is infected. In healthcare, it can disrupt operations, compromise patient data, and lead to financial losses.
How is scareware different from other types of malware like viruses or ransomware?
Scareware uses fake alerts to scare users into buying bogus software, unlike viruses that spread or ransomware that locks data for ransom.
What are some common indicators that a computer system in a healthcare setting might be infected with scareware?
Signs include frequent fake virus warnings, system slowdowns, prompts to buy software, and unauthorized charges for security services.
What measures can healthcare organizations take to protect themselves from scareware attacks?
Protect against scareware by training staff, using reliable antivirus software, keeping systems updated, and employing strong network security.
See also: HIPAA Compliant Email: The Definitive Guide
Farah Amod
