In last week’s blog article, we discussed what scareware was and what it could do to your computer. In this article, our experts at FraudWatch International provide an insight into how to spot a scareware attack, the steps you can take if you think you have been a victim of an attack, and also handy tips on defending against an attack.

Our Experts Explain

Identifying Scareware

Scareware attacks often use a standard type of message, a red screen, showing a security logo and a dialogue box. It will warn that your computer’s security has been compromised and you’ll be instructed to click the dialog box.

The problem is, this dialogue box is a fake. Nothing happens when you click it (at least that’s what you are lead to believe). In reality, the entire screen is rigged with an “overlay” of a dialogue box image and no matter where you click on the screen, you will trigger the download of the malware, which will then infect your computer.

If you’re lucky, and you identify the scam quickly enough, you can close the tab without clicking on anything, and the malware might not activate.

Combatting a Scareware Attack

So, what can you do to defend yourself against a scareware attack? Our experts at FraudWatch International provide the following suggestions:

• Should you see a suspicious pop-up window, shut down your browser. This can be done by right-clicking on the relevant item in the task bar and select “Close” or manually close the browser by using the keyboard and pressing Ctrl-Alt-Delete.
• Unplug your modem or router, to cut off Internet access.
• Don’t login to any online banking or enter any personal information. Some Trojans contain keystroke-loggers which capture any information you enter on the keyboard.
• Run a full virus scan.
• Check Quarantine folders in your AV Software to see if your browser has already discovered and isolated any viruses (running a full scan is still important to make sure you got everything).
• Run anti-malware software, if you have it. Microsoft offer anti-malware features which scan the registry and other system files.
• Restart the computer. If it is slow to boot up or displays any unusual behaviour, the infection may still be present.
• Speak to the Tech Support from your financial institution and tell them that you are concerned about a possible scareware attack. It’s a good idea to have it recorded on your file, in case there are any future issues.

If you’re still not sure if you’ve removed all the threats, get help from an IT professional.

Defending Against Scareware Attacks

The best defense against any online scam is to always be sceptical of any offer (free or paid) which pops up a window suggests that you download and install something.

1. Use only a legitimate antivirus/antispyware product that you trust
2. Be sceptical of any online offers. If any web page sets of alarm bells in your mind, press ALT-F4 on the keyboard to shut down your browser and stop the downloading of any scareware.
3. Never open file attachments from strangers, or anyone offering software to download. Be suspicious of any sales pitch emails that include attachments: these are almost always scams. Delete these messages immediately, before they have a chance to infect your computer.
4. Read email in plain text. Avoiding HTML email is not as pleasing to the eye, but any suspicious HTML links will be displayed in their true form.

1. Install a pop-up blocker and configure it to inhibit pop-ups from sites you haven’t already authorised.

Staying on the ball, while browsing the Internet and checking emails, can be the difference between you becoming a victim or beating the scammers.