Scare ware is aptly named. It’s also very dangerous. A scare ware attack happens suddenly, and it looks like you’re being warned of a computer infection. In practice, it’s intended to trigger a reflex reaction, and your computer can be infected before you know it. If it happens to someone in your business network, it can be a truly deadly attack, using Trojans to infect your computer, or even your whole network. You and your local IT Support need to be up to speed, and your staff need to know what’s going on and what to do about it.
Scare ware is a result of a web page or picture being infected by malware. The page is given an overlay, which acts like a link, triggering an attack. In many cases, the site owners don’t even know they have a problem. A typical scare ware attack A scare ware attack happens almost instantaneously when you click on an infected page. The attack happens in three stages:
1. A security notice, often with an authentic looking logo like the Microsoft security logo appears as a dialog box on the screen. The box contains a worrying message, like “Your Microsoft anti virus security has been compromised”.
2. Whatever you click, you get another dialog box, an .exe file, which contains the dangerous malware. The page is loaded to respond to any click by loading this file.
3. If you click the .exe file, your computer will definitely be infected by malware, unless your anti-virus software is up to date. The real trick is that you’ve already been infected. The first click loads a thing called a Trojan Proxy Agent, which can effectively mean that all your personal information is vulnerable, and your computer can be controlled remotely and used for illegal purposes. There’s no need to explain how dangerous these attacks are. What you need to know is that these attacks are generated and sponsored by professional criminals and organized crime. Anything you can do to protect yourself and hit back will help fight these criminals, and as we’re about to show, there’s plenty you can do. What you can do about scare ware
1. When you see an attack:
1.Don’t click anything on the web page. Close the tab, using the browser. (If the computer is part of a business network, notify your Business IT Support immediately.)
2.Disconnect the internet router or wireless connection. Until you’re sure your computer is not infected, use another computer.
3.Notify your bank that you’re concerned about a possible computer infection. They’ll make a note of it, in case anything happens. Banks are very well aware of the problems, and you can expect a sympathetic hearing.
4.Run a security scan, immediately. Check your anti virus quarantine for anything it may have already caught. Remove anything you find.
5.Use Microsoft malware removal tool as a secondary check. This is downloadable from the Microsoft Security site.
After the attack
You can now hit back, and get some vindication.
1.Try and remember the URL of the site which attacked.
2.Report the site to Google.
3.Notify your Federal communications authority, or the FBI’s IC3 site. There are believed to be literally hundreds of thousands of them. Anything you do will help shut down these sites.