Scare ware- What to do and what not to do when you bump into it

Scare ware is aptly named. It’s also very dangerous. A scare ware attack happens suddenly, and it looks like you’re being warned of a computer infection. In practice, it’s intended to trigger a reflex reaction, and your computer can be infected before you know it. If it happens to someone in your business network, it can be a truly deadly attack, using Trojans to infect your computer, or even your whole network. You and your local IT Support need to be up to speed, and your staff need to know what’s going on and what to do about it.

Scare ware is a result of a web page or picture being infected by malware. The page is given an overlay, which acts like a link, triggering an attack. In many cases, the site owners don’t even know they have a problem. A typical scare ware attack A scare ware attack happens almost instantaneously when you click on an infected page. The attack happens in three stages:

1. A security notice, often with an authentic looking logo like the Microsoft security logo appears as a dialog box on the screen. The box contains a worrying message, like “Your Microsoft anti virus security has been compromised”.

2. Whatever you click, you get another dialog box, an .exe file, which contains the dangerous malware. The page is loaded to respond to any click by loading this file.

3. If you click the .exe file, your computer will definitely be infected by malware, unless your anti-virus software is up to date. The real trick is that you’ve already been infected. The first click loads a thing called a Trojan Proxy Agent, which can effectively mean that all your personal information is vulnerable, and your computer can be controlled remotely and used for illegal purposes. There’s no need to explain how dangerous these attacks are. What you need to know is that these attacks are generated and sponsored by professional criminals and organized crime. Anything you can do to protect yourself and hit back will help fight these criminals, and as we’re about to show, there’s plenty you can do. What you can do about scare ware

1. When you see an attack:

1.Don’t click anything on the web page. Close the tab, using the browser. (If the computer is part of a business network, notify your Business IT Support immediately.)

2.Disconnect the internet router or wireless connection. Until you’re sure your computer is not infected, use another computer.

3.Notify your bank that you’re concerned about a possible computer infection. They’ll make a note of it, in case anything happens. Banks are very well aware of the problems, and you can expect a sympathetic hearing.

4.Run a security scan, immediately. Check your anti virus quarantine for anything it may have already caught. Remove anything you find.

5.Use Microsoft malware removal tool as a secondary check. This is downloadable from the Microsoft Security site.

After the attack

You can now hit back, and get some vindication.

   1.Try and remember the URL of the site which attacked.

   2.Report the site to Google.

    3.Notify your Federal communications authority, or the FBI’s IC3 site. There are believed to be literally hundreds of thousands of them. Anything you do will help shut down these sites.

15 thoughts on “Scare ware- What to do and what not to do when you bump into it”

  1. Avatar of Students Cloud
    Students Cloud

    Really, a great write up which helps a lot. Now a days scare ware spread every where most probably. Thanks to secure myself.

  2. Avatar of Nada

    Base on my experience,deepfreeze is pretty good tool but i encountered some error like some of my files was corrupted.

  3. Avatar of David

    By now you would think most users could tell that the pop-up is inside a browser and not a local Window so they wouldn’t click on it. But, unfortunately they do. I get call and emails every couple of days from clients either wanting me to help them clean their machines or thanking me for convincing them to install a good virus/malware tool to help them prevent any damage from such attacks.

  4. Avatar of Sean

    Some good handy tips there lawmacs, thanks for the post. Not sure if I’d rely on Microsoft’s Malware checker but sound advice otherwise.

  5. Avatar of website development
    website development

    You should try to protect you using a software like firewall, which allows to send you a data from a defined resources.

Leave a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Scroll to Top