Scareware: Spotting and avoiding fake antivirus scams

According to reports, fake antivirus scams are rapidly becoming a top threat to Internet users. Also known as "scareware" scams, they basically spook victims into willingly divulging personal information, most notably, their credit card details. The numbers are pretty staggering. Last October, Symantec (makers of Norton security products) reported that it found more than 250 different scareware threats. The FBI says that it is aware of losses totaling more than $150 million. Experts add that because of how they work, and fast they are multiplying, detecting and stopping fake antivirus software is a tough challenge for security software.

Once established on your PC, these fake antivirus programs can be exceptionally difficult to remove for those that are not computer savvy -- and even a challenge for those that are. Basically, the scareware will grab hold of your computer, preventing you from doing pretty much anything other than paying for the fake antivirus software. Some of these programs are so aggressive in their tactics that they won't even allow easy booting into Windows Safe Mode.

In addition to maliciously preventing their removal once they've captured a computer, these antivirus scams are becoming more predatory in how they're being distributed. Reports say that links to scam antivirus software are being pushed out via popular sites such as Facebook. Some scammers use Google and other search engines to spread malware by creating pages that turn up in popular searches, or in searches on significant news events, such as the earthquake in Haiti.

If your security isn't up to date, you can be infected by scareware simply by visiting a rogue site. However, it's far more common for victims to be tricked into actually installing the malware themselves. Fake antivirus scams spoof legitimate Windows pop ups, reporting that your computer is infected and recommending in the strongest possible terms that you either accept an important "update," scan your system for threats, or take some other action. And then the fun begins.

Should you become infected, the very last thing you should do is surrender and offer up a credit-card number. That opens you up to even more serious problems such as identity theft and unauthorized usage beyond what you initially pay to the scammers. In addition, paying for the scareware might disable it for the time being, but it doesn't get rid of it, leaving you vulnerable to future attacks.

Removing the malware might seem to be an insurmountable task, but it is doable. You can get step-by-step instructions for removing the most common scareware programs from various sites on the Internet, including BleepingComputer.com. There are also several user forums where volunteers are available to help users cleanse their systems. Some examples include SpywareInfo.com, WhatTheTech.com and SpywareWarrior.com.

Of course, the best way to deal with the effects of scareware is not to let your computer become infected in the first place. Follow all of the usual safe-computing tips, including making sure that you stay on top of security-related updates for Windows, as well as for your installed programs. You should also install and use quality security software from a known and trusted source -- and keep it updated at all times. You can find some good choices in the ConsumerSearch reports on antivirus software, anti-spyware software and internet security suites.

Avoid clicking on links delivered via email or messaging software unless you're absolutely certain where they'll take you. To avoid malware making unauthorized changes, set up user accounts instead of using an administrator account. Should an unexpected and suspicious looking "security warning" window pop up, close it, don't click on it. As an FYI -- a "security scan" running inside a browser window is pretty much always a scam.