Scareware is a type of malicious advertisement designed to frighten users into believing their device is infected with a virus or has a critical issue. It typically manifests as a pop-up message or alert that mimics legitimate security warnings. The primary purpose of scareware is to trick users into downloading unnecessary software or paying for fake security services.

Recently, I stumbled upon a new scareware technique that mimics a cracked smartphone screen that is a result of a fake virus infection as visible in the video below.

How is Scareware Demonstrated to Users?

1. Fake Alerts: Users encounter pop-ups or alerts claiming their device is infected or compromised.
2. Urgency and Fear: These messages often create a sense of urgency, urging immediate action to avoid severe consequences.
3. Phony Solutions: The scareware offers a solution, such as downloading an app or paying for a service that supposedly fixes the issue. These solutions are either ineffective or harmful.

Below are few examples of scareware advertisements.

How Scareware Works

1. Initial Contact: Users might encounter scareware through malicious websites, fake ads, or compromised apps.
2. Misleading Alerts: The scareware displays realistic-looking alerts that mimic legitimate security software.
3. Inducing Panic: The alerts are designed to scare users into thinking their device is at risk, prompting them to act quickly.
4. Fake Solutions: Users are directed to download software or pay for services that claim to resolve the issue. These “solutions” are either useless or malicious.

How Attackers Profit from Scareware

1. Direct Payments: Attackers make money by tricking users into paying for fake security software or services.
2. Ad Revenue: Some scareware generates revenue through ads displayed within the fake alerts or the downloaded software.
3. Data Theft: In some cases, scareware can steal personal information, such as entered credit card details.

Distribution of Scareware via Calendar Events

Scareware can also be distributed through calendar events on both iOS and Android devices. This method involves sending spam calendar invitations that, when accepted, populate the user’s calendar with events containing scareware links.

1. iOS Devices: Users might receive a calendar invitation that, when accepted, adds events to their calendar. These events often contain warnings about supposed malware infections and include links to scareware.
2. Android Devices: Similar to iOS, Android users can receive calendar invitations that add events with scareware links. Additionally, malicious apps downloaded from outside official app stores can also create such events.

How to Protect Yourself from Scareware

1. Stay Calm: If you encounter a suspicious pop-up, don’t panic. Take a moment to assess the situation.
2. Verify Alerts: Use trusted security software to scan your device. Do not rely on unsolicited pop-ups or messages.
3. Avoid Clicking on Pop-Ups: Close the pop-up without clicking on any links or buttons.
4. Download Apps from Trusted Sources: Only download apps from official app stores like Google Play or the Apple App Store.
5. Educate Yourself: Stay informed about common cyber threats and how to recognize them.
6. Manage Calendar Invitations: Be cautious about accepting calendar invitations from unknown sources. Review the details before accepting.

What to Do If You Think You Have Scareware

• Run a Security Scan: Use a reputable security app to scan your device and visited websites.
• Remove Suspicious Apps: Uninstall any apps that you don’t recognize or that you recently downloaded around the time the scareware appeared.

By understanding scareware and taking these precautions, you can keep your mobile device safe and secure. Remember, staying informed is your best defense against scareware.