Part of the Application security glossary:

Scareware is a type of malware designed to trick victims into purchasing and downloading useless and potentially dangerous software.

Next Steps

Scareware, which generates pop-ups that resemble Windows system messages, usually purports to be antivirus or antispyware software, a firewall application or a registry cleaner. The messages typically say that a large number of problems -- such as infected files -- have been found on the computer and the user is prompted to purchase software to fix the problems. In reality, no problems were detected and the suggested software purchase may actually contain real malware. If the user falls for the scam, he will lose the money he paid for the useless software and he may also make his computer unusable. Frequently, the message window has a clickjacking feature that takes the user to the attacker's Web site or initiates a malware download if the user clicks "Cancel" or the "X" to close the window.

In October 2008, Microsoft and the Washington attorney general sued two Texas-based companies, Branch Software and Alpha Red. Those two companies are responsible for Registry Cleaner XP, a very common scareware program. In December 2008, the Federal Trade Commission (FTC) initiated a restraining order against two companies in the United States, Innovative Marketing, Inc. and ByteHosting Internet Services. Scareware programs produced by those companies include DriveCleaner, WinAntivirus, ErrorSafe, WinFixer and XP Antivirus.

If you encounter a suspicious pop-up, you should right-click on the item in the task bar and select "Close" or manually exit the browser by clicking Ctrl-Alt-Delete. To protect your system from future attempts, install a good pop-up blocker and configure it to prevent pop-ups from sites other than those that you specifically allow.

This was last updated in August 2010
Posted by: Margaret Rouse

Related Terms

Definitions

  • application whitelisting

    - Application whitelisting is a computer administration practice used to prevent unauthorized programs from running. The purpose is primarily to protect computers and networks from harmful applicatio... (SearchSecurity.com)

  • TDL-4 (TDSS or Alureon)

    - TDL-4 is sophisticated malware that facilitates the creation and maintenance of a botnet.  The program is the fourth generation of the TDL malware, which was itself based on an earlier malicious pr... (SearchSecurity.com)

  • application blacklisting

    - Application blacklisting, sometimes just referred to as blacklisting, is a network administration practice used to prevent the execution of undesirable programs.  Such programs include not only tho... (SearchSecurity.com)

Glossaries

  • Application security

    - Terms related to application security, including procedural definitions for preventing software vulnerabilities and words and phrases about secure code development.

  • Network security

    - Terms related to network security, including definitions about intrusion prevention and words and phrases about VPNs and firewalls.

  • Windows

    - Terms related to Windows, including definitions about bugs or patches and words and phrases about Microsoft operating systems.

Dig Deeper

People Who Read This Also Read...

Ask a Question. Find an Answer.Powered by ITKnowledgeExchange.com

Ask An IT Question

Get answers from your peers on your most technical challenges

Ask Question
  • Have you tried Microsoft Security Essentials?

    Doubtful for our organization. We use Symantec Endpoint Protection And Symantec Antivirus depending on the version of the OS. =========== It's not an enterprise ready tool like their Forefront sec...

Tech TalkComment

Share
Comments

    Results

    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.
    Back to top