WHAT IS SCAREWARE AND
HOW DOES ANTIVIRUS STOP IT?
Over the past few years, scareware (rogue security software)
has quickly emerged as the most profitable monetization strategy
for cybercriminals to exploit. Due to aggressive advertising
practices by cybercrime gangs, thousands of users are
scammed on a daily basis, and the gangs themselves earn
hundreds of thousands of dollars in the process. In this post
you will learn what scareware is, the risks its installation
poses, what it looks like, its distribution channels and, most
importantly, how to recognize it, avoid it using antivirus
software or any other method, and report it to the security
What Is Scareware?
Basically, scareware, also known as rogueware or, in simple
terms, fake security software, is a legitimate-looking
application that is delivered to the end user through illegal
traffic acquisition tactics from compromised websites,
malicious advertising or black hat search engine optimization,
ultimately trying to fool users into thinking that their computer is
already infected with malware, and that buying the app will
help them get rid of it.
Upon execution, certain versions of scareware will not only
prevent legitimate antivirus software from loading, but will also
prevent it from reaching its update locations in an attempt to
ensure that the end user cannot obtain the latest signature
database. Furthermore, it will also try to make its removal a
slow process by blocking the execution of system tools and
There have also been cases where scareware with
ransomware elements has encrypted an infected user's
files, requiring a purchase to decrypt them, as well as a single
reported incident where a scareware domain was also
embedded with client-side exploits.
At the moment, scareware versions are exclusively aimed
at Microsoft Windows users.
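The article does not say how scareware keeps antivirus software from reaching its update locations. Assuming one mechanism, static entries in the Windows hosts file, the check below flags any override of a protected hostname; it is an added example, not code from the original article, and the hostnames and sample file are constructed placeholders.

```python
import ipaddress

# Constructed placeholders: domain suffixes a defender wants resolved by DNS,
# never by a static hosts entry. These are not real vendor update servers.
PROTECTED_SUFFIXES = ("av-vendor.example", "updates.example")

# Constructed hosts-file content for the demonstration.
SAMPLE_HOSTS = """\
# Copyright (c) sample hosts file
127.0.0.1       localhost
::1             localhost
127.0.0.1       update.av-vendor.example   # injected
0.0.0.0         sigs.updates.example download.av-vendor.example
203.0.113.7     www.av-vendor.example
192.168.1.20    fileserver.corp.example
"""

def parse_hosts(text):
    """Yield (line_no, ip, hostname) for each mapping, skipping comments."""
    for line_no, raw in enumerate(text.splitlines(), start=1):
        fields = raw.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # malformed address: not a usable mapping
        for name in fields[1:]:
            yield line_no, ip, name.lower().rstrip(".")

def is_protected(hostname):
    """True if hostname equals or is a subdomain of a protected suffix."""
    return any(hostname == s or hostname.endswith("." + s)
               for s in PROTECTED_SUFFIXES)

def audit_hosts(text):
    """Return (line_no, hostname, ip, reason) for each protected override."""
    findings = []
    for line_no, ip, name in parse_hosts(text):
        if not is_protected(name):
            continue
        sinkholed = ip.is_loopback or ip.is_unspecified
        reason = "sinkholed" if sinkholed else "pinned to static address"
        findings.append((line_no, name, str(ip), reason))
    return findings

if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE_HOSTS):
        print("line %d: %s -> %s (%s)" % finding)
```

On Windows the file to audit is %SystemRoot%\System32\drivers\etc\hosts, and PROTECTED_SUFFIXES should be replaced with the update domains of the antivirus product actually installed.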
How Does It Work?
Due to the fact that the scareware campaigns maintained by
partners on the affiliate network use a standard template