Scareware is malware that frightens users into downloading software that appears to be legitimate but is actually malware. It usually takes the form of a pop-up that looks like it comes from a legitimate anti-virus company. The pop-up tells the user that it has identified a serious, dangerous virus in your machine and then prompts the user to install its anti-virus software to remove the virus. In some of these scams the user has to pay for the software. In others, the ‘fix’ is free. In some of these scams the user need only click on a button on the pop-up to ‘clean’ the machine.
Of course, the bad virus doesn’t exist and the solution for it is malware that steals the person’s data.
The most widespread use of scareware occurred in China between 2006 and 2012. There, an unscrupulous company named 360/Qihoo distributed free anti-virus software to 100s of millions of Chinese PC users. The software contained legitimate anti-virus detection and removal capabilities but it also contained a scareware component that incorrectly told its users that one or more of their installed web browsers was loaded with security vulnerabilities and needed to be uninstalled. The AV software then uninstalled the so-called ‘dangerous’ web browser and installed 360/Qihoo’s ‘safe’ web browser. Of course, the ‘dangerous’ web browser wasn’t dangerous. It was merely the competition. This sleazy tactic netted 360/Qihoo millions of new browser users.