What is scareware and why does it pop up in your browser?
Imagine you’re enjoying a quiet evening surfing the web – maybe watching cute cat videos or scrolling through social media – when suddenly a brightly colored pop-up bursts onto your screen. It screams, “Your computer is infected with a dangerous virus! Act now before it’s too late!”
Conveniently, there’s also a handy “solution” – an antivirus software ready for you to download. Sounds familiar? Welcome to the shady world of scareware.
by Alyssa SchmittEven if a warning seems alarming and urgent, keep calm and look closely before you click a pop-up
What is scareware?
Scareware is a tactic that cybercriminals use to trick you into believing there is an emergency that has to be addressed immediately. For example, they try to scare you into downloading fake antivirus software or other tools by displaying a warning claiming your device is in danger. But the “help” they offer is the real danger – in reality, you are downloading malware or handing over personal information or even money.
Scareware is a classic example of “pretexting,” a social engineering technique where a scammer manipulates you by creating an alarming but false scenario. In the case of scareware, the pretext is the fake warning, which creates a sense of fear and urgency. The scammer exploits this feeling by convincing you to act quickly and impulsively.
The history of scareware
The first scareware appeared in the early 2000s, disguised as fake antivirus programs. Just like today, these pop-ups would claim your computer was infected with a virus – or dozens of viruses – and pressure you to buy a solution to fix the problem. As internet use grew, scareware evolved into other forms, like fake tech support alerts or phony update notifications, all designed to play on users’ anxieties so they would panic and make a hasty decision.
How does scareware work?
Scareware is programmed to open automatically when you visit a specific website or open a certain app. Here’s a classic example of scareware: You’re browsing the internet on your laptop or phone when a pop-up appears and warns you that your device has been infected with malware. To “fix” the problem, the pop-up urges you to download or purchase specific software. The catch? That software is either completely fake – or contains the actual malware.
You heard that correctly – if you click on the link, you might:
Lose your money buying useless software, OR
Accidentally download a virus, spyware, or other malicious software.
However, there is some good news: The warning itself isn’t harmful. So, don’t panic just because a scareware pop-up appears. As long as you don’t click on it, download anything, or enter any personal data, you’re safe. Simply close your browser or the page where the pop-up appeared.
Examples of scareware
Cybercriminals have perfected the art of panic-inducing pop-ups. Here are three examples of their handiwork you may be familiar with:
Fake antivirus programs: “Warning! Your device is infected with a virus! Click here to remove it.” These pop-ups often feature logos that look suspiciously like well-known security brands, e.g. Norton or McAfee.
Fake update notifications: “Your browser is out of date! Update now to stay safe from threats.” Again, the pop-up will imitate the look and feel of an actual browser program. Another example would be a fake Microsoft update notification popping up on a random website.
Fake law-enforcement messages: A message pops up – sometimes blocking your entire screen – claiming to be from the FBI or the police. It accuses you of illegal activity and demands you pay a “fine” immediately.
How do you get scareware?
Scareware can sneak onto any device, whether you’re using a computer, smartphone, or tablet. Most commonly, it makes its appearance when you:
Visit sketchy websites.
Click on deceptive phishing links or pop-ups.
Download apps or software from untrustworthy sources.
Have malware on your device.
Are running outdated software.
Removing scareware
If you are confronted with a flood of fake warnings – or simply one very persistent pop-up, there are steps you can take to stop the scareware infiltration:
Disconnect your device from the internet.
Run an antivirus scan with a legitimate antivirus program. If any threats are identified, follow the prompts to remove them.
Remove fake programs manually. If the problem persists, it is also possible to uninstall fake programs in your device settings. For example, on a Windows computer, go to the Control Panel. Look at the list of programs or apps on your device and delete the sketchy software by selecting “Remove” or “Uninstall”. Then empty your device’s Trash folder
How to prevent scareware pop-ups
As the old saying goes, “an ounce of prevention is worth a pound of cure”. So, your best protection against scareware is to learn how to spot fake pop-ups and not engage with them:
Stay skeptical: Legitimate antivirus programs or other software don’t use aggressive pop-ups with exclamation marks, ALL CAPS, and urgent countdowns.
Check for signs of fraud: Spelling errors, poor grammar, or overly dramatic language are red flags.
Close suspicious pop-ups: Never click on them or follow their instructions. Close the entire browser if necessary.
Be cautious about what you share: Never disclose personal data, like passwords or credit card details, in response to pop-ups.
And, most importantly, always practice good cyber hygiene. If you keep your software up to date, including your operating system, browser program, antivirus software, and firewall, and only download apps and updates from official sources, you will significantly reduce the risk of scareware making an unwelcome appearance on your device.
Do pop-up blockers stop scareware?
Scareware often uses pop-ups to deliver fake warnings or alerts, so a pop-up blocker can prevent many of these from showing up on your screen. However, some scareware is more sophisticated and may appear as part of a website you visit – or even be able to bypass pop-up blockers. To stay safe, it’s a good idea to combine a pop-up blocker with reputable antivirus software that is updated regularly. If a threatening pop-up appears despite an activated blocker, it’s best not to click on it or any of the links it contains – instead, close it by closing the browser window.
FAQ: Scareware
What is the definition of scareware?
Scareware is a type of malicious software designed to scare users into taking action – e.g., purchasing fake antivirus programs or downloading harmful software – by displaying alarming warning messages.
What is a scareware pop-up?
A scareware pop-up is a fake warning message that appears on your screen. For example, it might claim your device is infected with a virus or that an urgent update is needed. Its goal is to trick you into paying for a fake solution, downloading malware, or disclosing personal data.
What is an example of a scareware attack?
A classic example of scareware is a pop-up that claims your computer is infected with a virus and urges you to buy or download software to fix it. In reality, the software is either useless or malicious.
What is scareware and ransomware?
Scareware tricks you into paying money or installing malicious programs through fear tactics, while ransomware takes it a step further by locking your files and demanding payment for their release.
How is spyware different from scareware?
Spyware secretly collects your personal data without your knowledge, while scareware openly tries to frighten you into taking immediate action, e.g., clicking a download link or making a payment.
While scareware might seem like just another internet annoyance, it’s a serious problem that preys on human fear and confusion. We hope this article will help you avoid falling victim to these scams! We look forward to your feedback below.
And if you still don’t have a mail.com account, sign up for free today!
