How Antivirus Software Functions
Over the past few years, scareware (rogue security software) has quickly emerged as the
most profitable monetization strategy for cybercriminals to exploit. Due to aggressive
advertising practices by cybercrime gangs, thousands of users are scammed on a
daily basis, and the gangs themselves earn hundreds of thousands of dollars in the
process. In this post you will learn what scareware is, the risks its installation poses,
what it looks like, its distribution channels and, most importantly, how to recognize it,
avoid it using antivirus software or any other method, and report it to the security
What Is Scareware?
Basically, scareware, also known as rogueware or, in simple terms, fake security
software, is a legitimate-looking application that is delivered to the end user through
illegal traffic acquisition tactics, from compromised websites, malicious advertising or
black hat search engine optimization, and that tries to fool the user into thinking that
their computer is already infected with malware, and that buying the app will help them
get rid of it.
Upon execution, certain versions of scareware will not only prevent legitimate antivirus
software from loading, but will also prevent it from reaching its update locations in
an attempt to ensure that the end user cannot obtain the latest signature database.
Furthermore, it will also try to make its removal a slow process by blocking the
execution of system tools and third-party applications. There have also been cases
where scareware with ransomware elements has encrypted an infected user's
files, requiring a purchase to decrypt them, as well as a single reported incident where
a scareware domain was also embedded with client-side exploits. At the moment,
scareware versions are aimed exclusively at Microsoft Windows users.
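
A defender-side check for the update blocking described above, as an added example that is not part of the original article. It assumes the blocking is done through hosts-file entries, one common mechanism that the article itself does not name; the watched host names and the sample file are constructed placeholders.

```python
import ipaddress

# Assumed watch list: placeholder update hosts, not real vendor names.
WATCHED_SUFFIXES = ("av-vendor.example", "updates.security-suite.example")

# Constructed sample of a Windows hosts file, for demonstration only.
SAMPLE_HOSTS = """\
# Copyright (c) 1993-2009 Microsoft Corp.
127.0.0.1       localhost
::1             localhost
127.0.0.1       update.av-vendor.example    # added by unknown program
0.0.0.0         definitions.updates.security-suite.example
203.0.113.7     download.av-vendor.example
10.1.2.3        intranet.corp.example
198.51.100.20   av-vendor.example.evil.example
"""


def is_watched(hostname):
    """True if hostname equals or is a subdomain of a watched suffix."""
    name = hostname.lower().rstrip(".")
    return any(name == s or name.endswith("." + s) for s in WATCHED_SUFFIXES)


def audit_hosts(text):
    """Return (line_no, ip, hostname, reason) for every watched-host override."""
    findings = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        entry = raw.split("#", 1)[0].split()
        if len(entry) < 2:
            continue  # blank, comment-only or malformed line
        try:
            ip = ipaddress.ip_address(entry[0])
        except ValueError:
            continue  # first field is not an IP address
        for hostname in entry[1:]:
            if not is_watched(hostname):
                continue
            if ip.is_loopback or ip.is_unspecified:
                reason = "sinkholed"  # name resolves to nothing reachable
            else:
                reason = "redirected"  # name resolves to a pinned address
            findings.append((line_no, str(ip), hostname, reason))
    return findings


if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE_HOSTS):
        print("line %d: %s -> %s (%s)" % finding)
```

Any hit deserves a look, because a clean hosts file has no reason to pin an antivirus update host to a fixed address.
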
How Does It Work?
Because the scareware campaigns maintained by partners on the affiliate
network use a standard template distributed to all of them,