Criminals have developed a new strategy to access computers that has proven surprisingly effective. Scareware. Designed to look like legitimate ‘protection’ software, scareware delivers a false alert, informing users that their computer has an infection or problem, and that they should install a program to help. Ironically, the “helper” program is itself a trojan, carrying software designed to spy on users, install other malware, assist with identity theft, or even give full control of a computer to someone overseas. Some estimate that over one million computer users each day are being tricked into downloading this new breed of malware.
Many free and consumer oriented security software packages are ill-equipped to deal with these new threats. Often the first thing the scareware does is to disable any existing security software on the target computer. Some of the more aggressive software solutions sometimes use so much of a computer’s resources that they may slow down a computer to the point of utter annoyance.
Even experienced users might accidentally allow something to run that looks safe. Many scareware packages look just like regular system updates, and since contemporary operating systems “cry wolf” so often, many people have gotten used to hitting that accept button without a second glance.
Sometimes these false alarms will look very much like a real threat. The image at right for example – totally fake. It looks like a Windows firewall notification, but it isn’t. If you are browsing the web and come across something that looks something like this, our team recommends that you immediately close your browser and all browser windows. If a website is recommending that you install something to protect your computer, or is suggesting that you might be infected with something, keep your guard up, and don’t install anything unless you are certain of where it came from, especially security software. Security experts also recommend that users operate systems with a “standard user” account, logging in as an administrator only when they need to install something. This simple step can significantly slow down attacks because it makes it much harder for new software to be installed.
Because scareware looks so real, eliminating the ability for this kind of malware to ever present itself to users has proven to be the most effective way to keep it at bay. Large corporations following industry best practices typically deploy a hardware appliance that sits between an office network and the internet to keep anything malicious from getting near data and productive employees. Unfortunately, these solutions can cost thousands, and usually a combination of several is necessary to address different varieties of technology risk.
To protect small and medium businesses from scareware and other threats, we have worked hard to bring our customers the Grizzly Secure Gateway. It provides ‘just in time’ network defense from all kinds of internet attacks, including scareware, and updates several times each day to make sure the entire office is as productive as possible. Let us know if you have any questions, or take the time to learn more about how Grizzly can protect productivity for your company.