How to Avoid Scareware

Have you ever encountered a surprise pop-up notification with a big warning that your computer is infected? You’re smart; you’d surely recognize such a blatant attempt to scare you into installing a fake antivirus. But not everyone is as discriminating. All too many victims believe these warnings and pay good money for software that just pretends to clean up imaginary threats, or that actively installs malware. Here are some tips to make sure you don’t get scammed by scareware.

Don’t Buy It!

This is a growing problem, and it’s your fault. If absolutely nobody installed these fake antivirus and security suite programs, the bad guys wouldn’t be able to keep going. They’d find some other scam. As it is, plenty of people shell out $29.99 to register these frauds. It’s not a Madoff-level scam, but some of them are doing so well they even offer tech support. No kidding! The first they’re likely to tell you is “First, remove any existing security software…”

These rogue programs may copy user interface elements from real malware protection programs; the multi-color Windows security shield is especially popular. They often use names that sound like the real programs that you’ve heard of. Some years ago, poor grammar and spelling often blew their cover, but those currently active are much more refined.

How can you avoid getting scammed? If a security program that you never installed pops up with a dire warning, that’s a clue that you’ve been scammed. If it’s really, really hard to close the program or get out of the registration process, there’s another clue. The biggest giveaway is often their incredibly fast virus scanning. Since there’s no real scanning going on the programmers can make it as fast as they want.

Just look at the screenshot below. This rogue antivirus claims it found 489 issues, but they’re all innocuous temp files and such. What it did not find were the dozens of malware samples present on the test system. Not one!

I should point out that some legitimate programs work in a similar fashion. You can scan for free, but you must pay if you want the antivirus to take action. PC Pitstop PC Matic is an example. But in testing, its scan took more than an hour, and only quarantined actual malware. That’s a far cry from the near-instant (and useless) scareware scans.

Top-Rated Antivirus Utilities in Our Testing

• Bitdefender Antivirus Plus

  
  
  

  at

  $39.99MSRP

• Kaspersky Anti-Virus

  
  
  

  at

  $59.99MSRP

• McAfee AntiVirus Plus

  
  
  

  at

  $59.99MSRP

• Symantec Norton AntiVirus Basic

  
  
  

  at

  $49.99MSRP

• Webroot SecureAnywhere AntiVirus

  
  
  

  at

  $39.99MSRP

• Avast Pro Antivirus 2017

  
  
  

  at

  $39.99MSRP

• ESET NOD32 Antivirus

  
  
  

  at

  $39.99MSRP

• F-Secure Anti-Virus (2017)

  
  
  

  at

  $39.99MSRP

• Sophos Home Premium

  
  
  

  at

  $50.00MSRP

• Trend Micro Antivirus+ Security

  
  
  

  at

  $39.95MSRP

Fake Ransomware

Writing a ransomware program is tough. You have to devise code that encrypts the user’s files, hides from antivirus programs, and (if you’re an honest crook) transmits the decryption key to you once you’ve paid the ransom. Writing fake ransomware is a snap, by comparison. And the ransomware protection utilities that face down the real thing don’t bother with the fakes.

The typical fake ransomware webpage has a big, scary warning that you are in trouble, perhaps for viewing porn. It demands payment of a fine through some untraceable currency, maybe Bitcoin, maybe a gift card. And if you try to leave the page or close the browser, you just get a message that the browser is locked. Don’t worry; it isn’t.

Web developers can configure pages to pop up a notification when you leave, asking whether you really want to leave. The perpetrators of these fake ransom pages just leverage that simple technology, and take away your option to actually leave. All you need do to call their bluff is kill the browser using Task Manager.

Scares Everywhere

Fraudsters don’t just create fake programs to scare you into paying for non-existent malware cleanup. Some of them call you on the phone, warning that your computer is spewing viruses, or that your personal data may have been compromised. They may claim to be from Microsoft—trust me, Microsoft is not going to call you. And they want you to pay via credit card to have them remote-control your computer and fix the problem. What a nightmare!

Another scam that’s going around arrives as a threatening email. The sender claims to have recorded your visits to porn sites and other unsavory web locations, then threatens to make the recordings public unless you pay up. The ransom tends to be steep; I got one asking for $3,000. Most people can laugh this one off. However, according to a Webroot study, 44 million Americans regularly visit porn sites. Those folks might worry a bit.

And while you’re avoiding fakes, don’t forget to vet your virtual private network, or VPN. You entrust your VPN to encrypt and protect all your network traffic; you don’t want to hand over that traffic to VPN frauds. Check our reviews and pick a known and verified VPN product.

Before you consider paying money for any security program, check for reviews on reputable sites like PCMag.com. Watch out for shill sites with fake reviews set up by the roguesters themselves. Carefully peruse PCMag’s roundups of best antivirus programs. Armed with the information you’ll find there, you can make an informed choice, free of scareware worries.

Source