What is Scareware?
Scareware – a class of malware that specifically targets users via unethical marketing practices causing shock, anxiety, and the perception of threat. The old method of scareware was known to warn the users that their machines are infected, then persuade them to download. Sources from Microsoft’s TechNet suggest this trend has decreased as there is a new variant.
The new variant Win32/Defru undermines the user with a clever approach. The new strain does not warn the user, instead it prevents the user from accessing the internet. Warning windows will be displayed as message boxes instead of a traditional pop-up window. Preventing access to the internet will allow users to fall victim to this new strain. When the user is browsing the Internet, the rogue will use a host file to redirect links instead of using a fake website. A fake URL such as bing.com will appear in the address bar with a fake antivirus malware message.
The following fake message will appear in a message box, “Detected on your computer malicious software that blocks access to certain Internet resources, in order to protect your authentication data from intruders the defender system Windows Security ® was forced to intervene.”
The fake scanner page will appear to be identical as a typical message box that promises to perform a system clean, access to webpages, daily updates, and access to “Windows Security” and “Windows Defender”. Websites that are targeted with Win32/Defru is currently over 300 webpages. When users fall victim to the message they are forced to pay for a Rogue AV (rogue antivirus) that will deceive or mislead users into paying for fake versions of their products.
Preaching user awareness will help long term. However, new methods such as these will be common. Cautious users will be susceptible to fake URLs in their address bars such as bing.com will find it hard distinguish a fake or genuine message. Before purchasing a security product make sure to conduct thorough research. CyberStreams can help your business decide which option is the best for your business as we provide support with partners such as ESET, McAfee, and Trend Micro.
CyberStreams believes that running and managing security software should ensure smooth business operations, not get in the way. CyberStreams recommends ESET Endpoint and Server Security Solutions as it heavily relies on Real-Time Adaptive Scanning instead of solely referencing a massive database of virus signatures. Contact a CyberStreams Account Manager today for genuine ESET products to prevent future scareware attacks for your business.