Scareware

The term scareware is made up of the English word “scare”, which translates as frightening, and the word part “-ware” of software. Scareware is a program that specifically triggers frightening moments and uses them for fraud attempts. For example, by reporting a fictitious virus discovery and offering a paid program to remove these alleged viruses. Scareware is one of the malware programs.

What does scareware mean in detail?

The principle of scareware is based on a psychological fact: strong emotions such as fear lower human judgment. That’s why scareware typically tries to induce anxiety, such as:

• Fake virus warnings (fake antivirus), e.g. as a pop-up in the Internet browser
• Simulated hacker attacks (mostly as animations)
• Alleged fines for fictitious violations of the law
• A claimed encryption of your data

The cybercriminals‘ calculation: due to the fear triggered and the pressure to react quickly, the attacked users act hastily. They forgo safety precautions and checks that they would normally do. As a result, they download potentially harmful programs or transfer money to the cybercriminals.
Many fake antivirus and fraudulent fines look serious at first glance. They use logos, fonts and colors that resemble reputable virus scanners or authorities. However, when checked, they turn out to be fake.

Scareware can have different purposes:

• Money transfers by the user
• Download a program by the user. At best, this program is useless, but it costs money or asks for monetary payments. However, such programs often contain malware
• (malware) such as Trojan horses

>> Scareware is fraud, i.e. a criminal offence.

Where do I encounter the topic of scareware in my everyday work?

In principle, you can encounter it in many places:

• When surfing the Internet by a sudden warning
• During everyday work by a warning from a previously installed program
• Quite surprisingly, for example, by an alleged hacker attack
• On the computer of a frightened colleague who asks you for advice

What can I do to improve my security?

In acute cases: Whatever happens, consider that you will be deliberately manipulated through your fright. Therefore, react calmly and not via the infected computer:

• Document warning messages, alleged hacker attacks, blackmail attempts and fines by means of photos, ideally with a smartphone, for example. Then you can check them at your leisure away from the device.
• Whatever you do, don’t download programs, don’t transfer money.
• Remove yourself from the computer. If you wish, disconnect the device from the Internet and/or from the power supply. This is probably not necessary, but it serves your personal reassurance.
• Check the documented messages via other devices or your smartphone. Get support from your IT department or from an external IT security service provider such as Perseus.
• Usually, your computer is later checked by a legitimate virus scanner, and any malware is then removed.
• Report scareware incidents, which are fraud attempts.

For prevention: Many measures to increase your company’s cybersecurity also protect against scareware. Raising awareness among employees with regard to scareware is particularly important. It enables your employees to act prudently in acute cases and avert damage to your company. Show your employees examples of typical scareware warnings, discuss a fixed procedure for acute cases and practice it together.

Make it clear to everyone involved:

• No reputable virus scanner will scan your computer without your consent, and no reputable virus scanner will ask you to pay before it removes an infection it detects. Do you encounter such
• processes, it is scareware (more precisely: fake antivirus software)
• Nowadays, hacker attacks usually go unnoticed. A demonstrative attack is probably scareware.
• No authority charges fines via screen displays and no authority accepts payments in digital currencies such as Bitcoins, U.CASH, etc.

Learn more

Report a scareware incident to the Reporting Office for Cyber Security in Germany: https://www.allianz-fuer-cybersicherheit.de/Webs/ACS/DE/IT-Sicherheitsvorfall/Unternehmen/unternehmen.html?