Suppose you are working on your computer and suddenly an alert pops up telling you that your computer is infected with a virus. Would you be able to tell whether this alert is legitimate? Don't feel bad if you said "no". Cybercriminals have become adept at creating fake malware alerts, so it is sometimes hard to determine whether an alert is legitimate.
Fake malware alerts are a type of scareware. Scareware is designed to frighten people into purchasing or downloading useless and potentially dangerous software. With fake malware alerts, hackers are trying to scare people into purchasing or downloading useless anti-malware programs in order to make money or spread malware. Here is what you need to know to avoid falling victim to this type of scam:
The Most Common Types of Fake Malware Alerts
There are several ways cybercriminals can present fake malware alerts. The three most common types are:
- Browser pop-ups: Fake malware alerts sometimes take the form of browser pop-ups. Hackers often make these alerts appear as if they are from well-known security applications (e.g., McAfee, Symantec).
- Website advertisements: Fake malware alerts often are presented as an ad when visiting websites. For example, an ad might claim that a security scan was performed and the scan found viruses, spyware, or other types of malware on your computer.
- System tray notifications: Fake malware alerts also can be made to look like task bar notifications. For instance, a fake notification might look like it is a message from your operating system and tell you that your computer is infected with malware.
No matter what form they take, fake malware alerts urge you to click a button or link. Doing so usually leads to a website where one of two scenarios occurs. In one scenario, the site tries to get you to purchase a security program that will supposedly remove the malware on your computer. However, the bogus program will likely do nothing except claim it took care of the problem. Even worse, the purchased program might include malware. In the other scenario, the site offers a free fake security program. In this case, the free program almost always contains malware.
What You Can Do to Avoid Being Scammed
There are several measures you can take to avoid falling victim to fake malware scams. For starters, make sure that your web browser is configured to block pop-ups. Pop-up blockers are usually enabled by default, but sometimes people disable them. Pop-up blockers will stop some, but not all, pop-ups.
You should also have security software installed on your computer and be familiar with what its malware alert looks like. That way, you will be better able to spot a fake one.
Another measure you can take to avoid being scammed is to remain calm if an alert pops up and closely look at it before taking any action. The alert is likely a scam if:
- It is supposedly from security software that is not installed on your computer.
- It is supposedly from your security software, but it looks different than what your alert normally looks like.
- It tells you an online security scan was performed, but all you did was visit a web page (it is impossible for anyone to know what infections are on your computer when you simply visit a web page).
- It tells you that many different malware programs were detected on your computer (legitimate security software performs scans frequently, so most alerts notify you that only one malware program has been found).
Once you determine that a malware alert is fake, ignore it if possible. It is important not to click any options that read along the lines of "Ignore" or "Cancel". Clicking these options (and sometimes even clicking the "x" to close the alert box) might send you to the hacker's malicious website.
When the fake malware alert cannot be ignored (e.g., it covers a large part of your screen), you can close your browser. If you are unable to close it the normal way, you can force it to quit. On Windows computers, press Ctrl+Alt+Del (press the Ctrl, Alt, and Del keys at the same time), select "Start Task Manager", highlight the browser task, and click "End Task". On Apple Macintosh computers, press Command+Option+Esc, highlight the browser task, and click "Force Quit".
A Little Knowledge Goes a Long Way
Cybercriminals count on people being scared by fake malware alerts. You can take fear out of the equation by being knowledgeable about this type of scam. You will also be in a better position to spot these fake alerts. If you would like more information or if you have any questions about this type of scareware, give us a call.