Browse Definitions :
Definition

scareware

Scareware is a type of malware designed to trick victims into purchasing and downloading useless and potentially dangerous software.

Scareware, which generates pop-ups that resemble Windows system messages, usually purports to be antivirus or antispyware software, a firewall application or a registry cleaner. The messages typically say that a large number of problems -- such as infected files -- have been found on the computer and the user is prompted to purchase software to fix the problems. In reality, no problems were detected and the suggested software purchase may actually contain real malware. If the user falls for the scam, he will lose the money he paid for the useless software and he may also make his computer unusable. Frequently, the message window has a clickjacking feature that takes the user to the attacker's Web site or initiates a malware download if the user clicks "Cancel" or the "X" to close the window.

In October 2008, Microsoft and the Washington attorney general sued two Texas-based companies, Branch Software and Alpha Red. Those two companies are responsible for Registry Cleaner XP, a very common scareware program. In December 2008, the Federal Trade Commission (FTC) initiated a restraining order against two companies in the United States, Innovative Marketing, Inc. and ByteHosting Internet Services. Scareware programs produced by those companies include DriveCleaner, WinAntivirus, ErrorSafe, WinFixer and XP Antivirus.

If you encounter a suspicious pop-up, you should right-click on the item in the task bar and select "Close" or manually exit the browser by clicking Ctrl-Alt-Delete. To protect your system from future attempts, install a good pop-up blocker and configure it to prevent pop-ups from sites other than those that you specifically allow.

This was last updated in August 2010

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

File Extensions and File Formats

Powered by:

SearchCompliance

  • compliance audit

    A compliance audit is a comprehensive review of an organization's adherence to regulatory guidelines.

  • regulatory compliance

    Regulatory compliance is an organization's adherence to laws, regulations, guidelines and specifications relevant to its business...

  • Whistleblower Protection Act

    The Whistleblower Protection Act of 1989 is a law that protects federal government employees in the United States from ...

SearchSecurity

  • data breach

    A data breach is a confirmed incident in which sensitive, confidential or otherwise protected data has been accessed and/or ...

  • zero-day (computer)

    A zero-day vulnerability, also known as a computer zero day, is a flaw in software, hardware or firmware that is unknown to the ...

  • Cybercrime

    Cybercrime is any criminal activity that involves a computer, networked device or a network.

SearchHealthIT

SearchDisasterRecovery

  • cloud insurance

    Cloud insurance is any type of financial or data protection obtained by a cloud service provider. 

  • business continuity software

    Business continuity software is an application or suite designed to make business continuity planning/business continuity ...

  • business continuity policy

    Business continuity policy is the set of standards and guidelines an organization enforces to ensure resilience and proper risk ...

SearchStorage

  • business impact analysis (BIA)

    Business impact analysis (BIA) is a systematic process to determine and evaluate the potential effects of an interruption to ...

  • RAID (redundant array of independent disks)

    RAID (redundant array of independent disks) is a way of storing the same data in different places on multiple hard disks to ...

  • dedicated cloud

    A dedicated cloud is a single-tenant cloud infrastructure, which essentially acts as an isolated, single-tenant public cloud.

Close