Summary: Cybercriminals use fake virus alerts to trick users into impulsively clicking on malicious links and sharing private data. Learn how to employ cyber security best practices to reduce the chances of your SMB falling victim to a virus hoax.
We all have reactions to computer alerts. As computers have become more stable, we can be lulled into a false sense of security: no alerts, no problems. Yet, at some point, most computer users will receive a fake pop-up virus alert. They can put themselves at risk if they do not know that the alert is a hoax and contains its own malicious code. The hackers behind the hoax count on being able to scare targets into clicking on things that appear to be from trusted cyber security companies.
Wikipedia defines scareware as “a form of malware which uses social engineering to cause shock, anxiety, or the perception of a threat to manipulate users into buying unwanted software. Scareware is part of a class of malicious software that includes rogue security software, ransomware and other scam software that tricks users into believing their computer is infected with a virus, then suggests that they download and pay for fake antirust software to remove it.”
Beware of impulsive and panicked reactions to any virus alert. Before doing anything, scrutinize the alert. Did it really come from a reputable cyber security company? Assuming you have antivirus protection, check to see if your software has generated any alerts or noted suspicious activity.
The goal of virus hoaxes is to fool users into clicking on the warning pop-up windows. Although it purports to be protecting the user from a virus, the warning actually contains a link to malicious code. These fake alerts can be the launch pads for rogue antiviruses, pop-up adware and redirection to erroneous websites.
Fake virus alerts have become more challenging to identify. Fortunately, there are a few telltale signs that you should think before you click:
Unfortunately, cyberthieves constantly improve their strategies and tricks to lure users into their scams. If you continue to experience one or more of the above symptoms, your security awareness should elevate to a red alert. Trust your gut. Ignoring fake alerts may not be enough to get past them. If you are uncertain about the next steps, engaging IT professionals to run a cyber risk analysis would be wise.
There are a few simple steps you can follow to avoid getting “trapped” by a fake virus pop-up alert:
Scareware hoaxes are not always launched via fake pop up viruses. Computer virus emails, known as phishing emails, can present the same threatening fake virus alerts. The email header might say something like: “WARNING! YOUR COMPUTER HAS BEEN ATTACKED BY A VIRUS! TO FIX THIS PROBLEM, CLICK HERE!” If the body of the email text is menacing enough, an untrained user can be fooled into clicking the link and launching an attack. Whether you are an individual user or an SMB owner, training in cyber security best practices is essential to keeping your computer system virus-free. If you are not tech-knowledgeable enough to perform best practices training, you should consider working with professional IT experts. They can ensure that you and everyone you work with are fully trained and remain up to date about what to do to keep your computer system and network safe.