Scareware is a type of malware that uses threats and warnings to coerce a computer user into making an unwanted purchase.
Imagine the following scenario: You receive an unexpected e-mail with an attachment from a source you don't recognize. Against your better judgement, you open the attachment. A few moments later, a notification window appears stating that your computer has been infected by a computer virus and that you need to purchase a specific antivirus application to remove the virus. You close the notification window only to have a new window appear warning you of the infection, and warning that failure to purchase the advertised antivirus application could result in damage to the computer, your career, and your personal relationships.
The scenario just described is a typical situation that might play out on a computer infected by scareware.
Scareware is any application that tries to shock or frighten a user into taking some sort of action, most commonly purchasing unwanted software. Quite often the purchased application is either completely fictional, non-functional, or another piece of malware.
Scareware may come in the form of a virus that has infected a computer system, or it may be a website pop-up window or banner with text warning that the user's computer has been infected with malware.
Frequently Asked Questions
Is ransomware a type of scareware?
Ransomware is a special type of scareware that restricts a users access to part of a computer system, and demands that the user make a payment in order to restore access to the restricted portion. Quite often the ransom demand is coupled with a threat of further restrictions if payment is not received by a certain deadline. Unfortunately, some ransomware is actually quite effective, and can result in portions of a hard drive being irreversibly encrypted. However, paying a ransom offers no guarantee that the restricted portion will be restored, so users affected by ransomware should immediately consult a computer security professional rather than pay the demanded ransom.
Does all scareware demand a payment?
While most scareware is distributed in an attempt to coerce users of infected systems into paying for unwanted software, not all scareware demands a payment. Prank software is a type of scareware that tries to shock or scare users of infected systems without demanding payment. Examples of common prank software include:
- NightMare is an early example of prank software dating back to 1991. Once executed, NightMare would remain dormant for a random period of time, after which the entire screen of the computer was changed to an image of a skull accompanied by a loud shriek.
- Some prank software provides users with prompts with no acceptable options. For example, a dialog box may appear asking the user something like “Erase everything on the hard drive?” and provide two options, both marked “Ok”, and both performing no action at all when pressed.