Scareware

What Is Scareware?

Scareware is a type of malicious software that uses fear tactics—like fake virus warnings and alarming pop-ups—to trick you into believing your device is infected. The goal is to pressure you into paying for fake security software, downloading actual malware, or giving scammers access to your device.

What This Looks Like in Real Life

You're browsing the web when a pop-up suddenly appears warning that your computer is infected with dozens of viruses. The alert looks official—maybe it has a Microsoft or Norton logo—and urges you to download "security software" immediately or purchase a "full version" to remove the threats. In reality, there are no viruses. The only threat is the scareware itself, designed to steal your money or compromise your device.

Scareware vs. Fake Alert: What's the Difference?

While closely related, these terms describe different parts of the same scam:

• Fake alert refers to the fraudulent warning message itself—the pop-up or notification designed to frighten you
• Scareware refers to the malicious software behind the scheme, including fake antivirus programs that claim to detect and remove threats

A fake alert is often the delivery method for scareware. The alert scares you into downloading or purchasing the scareware product.

How Scareware Works

Scareware follows a predictable pattern:

1. Initial contact: A pop-up, ad, or notification appears claiming your device is infected
2. Fear escalation: The warning uses alarming language, flashing colors, or countdown timers to create urgency
3. False scan: Some scareware displays a fake "system scan" showing fabricated threats
4. The pitch: You're urged to download free "protection" software or pay for a premium version
5. The trap: If you comply, you either pay for worthless software, download actual malware, or give attackers access to your device and payment information

Common Types of Scareware

Fake antivirus software: Programs that mimic legitimate security tools, display fake scan results, and demand payment to "remove" nonexistent threats.

Rogue system optimizers: Software claiming to fix performance issues, registry errors, or junk files—problems that either don't exist or don't require paid software to resolve.

Fake update prompts: Pop-ups claiming your Flash Player, browser, or other software is outdated and directing you to download malware disguised as updates.

Browser hijackers: Scareware that takes over your browser, changes your homepage, and displays constant security warnings until you pay.

Fake tech support software: Programs that lock your screen or display persistent warnings, directing you to call fraudulent tech support numbers.

How Scareware Spreads

Scareware reaches victims through multiple channels:

• Malicious advertisements (malvertising): Infected ads on legitimate websites that display fake warnings
• Compromised websites: Sites that have been hacked to display scareware pop-ups
• Phishing emails: Messages containing links to scareware downloads or fake virus warnings
• Bundled software: Free programs that secretly install scareware alongside the intended application
• Fake download buttons: Deceptive buttons on download sites that install scareware instead of the desired software
• Social media links: Posts or messages sharing links to scareware-infected sites
• Search engine manipulation: Scareware sites optimized to appear in search results for security-related queries

Warning Signs of Scareware

Watch for these red flags:

• Unexpected pop-ups claiming your device is infected—especially while browsing
• Warnings that appear outside of your installed security software
• Alarming language demanding immediate action
• Pop-ups that are difficult or impossible to close
• Fake "system scans" that complete in seconds and find numerous threats
• Requests for payment to remove detected threats
• Software you don't remember installing appearing on your device
• Security warnings with poor grammar, spelling errors, or unprofessional design
• Alerts that prevent you from navigating away or using your browser normally
• Programs that disable your legitimate antivirus software

How to Protect Yourself

Use legitimate security software

• Install reputable antivirus software from trusted sources
• Keep your security software updated
• Know what your real security software looks like so you can spot fakes

Practice safe browsing

• Use a pop-up blocker in your browser
• Avoid clicking on online ads, especially those warning about viruses
• Don't download software from pop-ups or unfamiliar websites
• Only download programs from official sources or trusted app stores

Stay skeptical

• Remember that legitimate security software doesn't advertise through pop-ups
• Be suspicious of any unsolicited warning about your device's security
• Microsoft, Apple, and antivirus companies don't display pop-ups demanding immediate payment

Keep everything updated

• Update your operating system and browser regularly
• Install software patches promptly to close security vulnerabilities

Verify before you act

• If you see a virus warning, close the browser and run a scan with your legitimate security software
• Never call phone numbers displayed in pop-up warnings
• Use a trusted free scam checker like Scamwise to review suspicious messages, calls, or emails before responding

How to Remove Scareware

Step 1: Don't panic

‍The warnings are fake. Your device likely isn't infected with what the scareware claims.

Step 2: Close the browser

• Don't click anything on the pop-up, including "Cancel" or "X" buttons within the alert
• Use Task Manager (Windows: Ctrl+Alt+Delete) or Force Quit (Mac: Command+Option+Escape) to close your browser

Step 3: Boot into safe mode

• Restart your computer in safe mode to prevent scareware from running during removal
• Windows: Hold Shift while clicking Restart, then select Safe Mode
• Mac: Hold Shift while starting up

Step 4: Uninstall suspicious programs

• Go to your installed programs list and remove any unfamiliar or recently installed software
• Look for programs with names mimicking legitimate security software

Step 5: Run a legitimate antivirus scan

• Use trusted security software to perform a full system scan
• Consider using a dedicated malware removal tool for thorough cleaning

Step 6: Clear browser data

• Clear your cache, cookies, and browsing history
• Reset your browser settings to default if problems persist
• Remove any suspicious browser extensions

Step 7: Change compromised passwords

• If you entered any login credentials while scareware was active, change those passwords from a clean device

Step 8: Monitor for further issues

• Watch for signs that scareware may still be present
• Consider professional help for persistent infections

What to Do If You Paid for Scareware

• Contact your bank or credit card company immediately to report the fraudulent charge
• Request a chargeback if possible
• Monitor your accounts for additional unauthorized charges
• Change passwords for any accounts where you used the same payment information
• Report the scam to the FTC at reportfraud.ftc.gov
• Run a full malware scan—if you downloaded anything, your device may be compromised

FAQs

What is scareware?

‍Scareware is a type of malicious software that uses fear tactics—like fake virus warnings—to trick you into paying for unnecessary security software or downloading actual malware.

How does scareware get on my computer?

‍Scareware typically spreads through malicious pop-up ads, compromised websites, phishing emails, bundled software downloads, or fake software update prompts.

How do I remove scareware from my device?

‍Boot into safe mode, uninstall suspicious programs, run a full scan with legitimate antivirus software, clear your browser cache, and reset browser settings if needed.