Skip to the main content.
Talk to sales Start for free
Talk to sales Start for free

3 min read

What is scareware?

What is scareware?

Scareware is a social engineering scam that preys on fear to trick people into downloading malware, losing money, or giving away personal data.


Understanding scareware

Scareware typically starts with a deceptive message, often as a pop-up window, spoofed text, or phishing email. The hallmark of scareware is its use of scare tactics, such as threats of computer viruses or legal action, to pressure victims into taking immediate action.

These deceptive messages often appear legitimate, using the logos of well-known companies or disguising themselves as system notifications or antivirus program reports. 


Types of scareware scams

Fake virus scams

One of the most common tactics employed by cybercriminals is the use of fake virus scams. These scams typically involve pop-up messages that warn users about malware infections on their devices. These pop-ups often mimic the appearance of antivirus software scan reports, making them appear convincing to unsuspecting users. The scammers then direct users to download fake security software, which not only steals their money but may also install additional malware on their devices.


Fake tech support

Another popular scareware scam involves scammers posing as tech support personnel from reputable companies like Apple or Microsoft. These scams often begin with a pop-up message instructing the victim to call a phone number for assistance. In some cases, scammers may even cold call their victims. Once the scammer establishes contact, they employ various tactics to trick the user into uninstalling genuine security software and granting remote access to their device. From this point, the scammer can either steal sensitive data from the victim or install malware. 

Tech support scammers sometimes charge victims for fraudulent services, as in the 2019 Office Depot scandal. Employees of Office Depot were found to be running fake scans on customers' computers and using the results to sell unnecessary repair services. This scandal resulted in significant financial penalties for Office Depot and its partner,



Malvertising is a scam where hackers hijack ads on platforms like Facebook and Google, using them to spread viruses and malware. In the context of scareware, users may encounter an advertisement on a webpage offering free antivirus software. 


Law enforcement scams

In law enforcement scams, cybercriminals masquerade as police officers or FBI agents to intimidate and deceive their victims. This scam typically involves a pop-up informing the victim that illegal material has been found on their device. To resolve the supposed issue, the scammers demand payment, promising to make the problem disappear. Sometimes, these pop-ups even lock the victim's screen until the payment is made, adding additional pressure to comply.

Read more: How to guard against scareware


How scareware operates

When users follow the instructions provided by scareware messages, several outcomes are possible:


Data theft

In some cases, victims are led to scam websites where they enter their credit card information to purchase fake security software. This software is nonexistent, and scammers use this opportunity to steal the victim's data, potentially leading to identity theft.


Worthless software

Scareware may also trick users into paying for entirely useless software, except for possibly slowing down their devices. 


Malicious software

Scareware can serve as a trojan horse, delivering malicious software like spyware, which secretly collects personal data without the victim's knowledge.

See also: HIPAA Compliant Email: The Definitive Guide


In the news

The Spanish National Police successfully apprehended a Ukrainian national, internationally wanted for orchestrating a scareware operation from 2006 to 2011. This extensive scheme infected hundreds of thousands of computers worldwide, displaying misleading pop-up messages that tricked users into believing their systems were compromised by malware. Victims were coerced into paying $129 for a bogus security program, purportedly capable of cleansing their devices. This operation defrauded consumers of over $70 million globally. 

The suspect was arrested on June 11th, 2023, at Barcelona-El Prat airport, following intelligence gathered by Spanish authorities about his flight plans. The arrest was facilitated by an Interpol Red Notice issued by the United States. Following his capture, the suspect was presented to the Central Investigating Court number Six of the Spanish National Court and placed under immediate custody due to the grave nature of the charges. This arrest follows the Spanish police's recent dismantling of a large-scale phishing operation, proving their ongoing efforts to combat cybercrime.



What is scareware and how can it affect the healthcare industry?

Scareware is fake security software that tricks users into thinking their system is infected. In healthcare, it can disrupt operations, compromise patient data, and lead to financial losses.


How is scareware different from other types of malware like viruses or ransomware?

Scareware uses fake alerts to scare users into buying bogus software, unlike viruses that spread or ransomware that locks data for ransom.


What are some common indicators that a computer system in a healthcare setting might be infected with scareware?

Signs include frequent fake virus warnings, system slowdowns, prompts to buy software, and unauthorized charges for security services.


What measures can healthcare organizations take to protect themselves from scareware attacks?

Protect against scareware by training staff, using reliable antivirus software, keeping systems updated, and employing strong network security.

See also: HIPAA Compliant Email: The Definitive Guide 


Subscribe to Paubox Weekly

Every Friday we'll bring you the most important news from Paubox. Our aim is to make you smarter, faster.