Ransomware is a word you’ve probably heard often over the past few years and it has been the key topic on many articles and information we’ve shared, but we realized this week, is the increasing need to educate you about Scareware.
Forcepoint defines it best: Scareware is a malware tactic that manipulates users into believing they need to download or buy malicious, sometimes useless, software. Most often initiated using a pop-up ad, scareware uses social engineering to take advantage of a user’s fear, coaxing them into installing fake anti-virus software. Scareware goals can vary from selling useless, fake tools to the installation of damaging malware that exposes sensitive data. Scareware has been known to convince users to download ransomware, a form of malware that holds the user’s data hostage in exchange for a payout.
You’ve probably experienced this and may not even realize it. Have you ever encountered a surprise pop-up telling you your computer is at risk and software needs to be downloaded or installed to prevent damage? You are smart and most likely, you ignored the message, but not everyone does—and these messages are getting more and more sophisticated and seem very, very legit.
Over the past few weeks, we’ve had a few reports of users experiencing this scareware tactic. However, in two cases, instead of being contacted through a pop-up or email, the user was the one who called a number they believed was the manufacture of a piece of hardware and ended up on a bogus call where the person on the other end tried to get them to pay for a solution. Thankfully, the users were smart enough to know something wasn’t right and left the call before any harm was done. They called EMCO to give us a heads up about the incidents and that consideration prompted this article for you.
So how do you protect yourself?
Easy, the first thing you do is DON’T BUY ANYTHING!! If you think there is something legitimate to the claim, seek the advice of IT professional. You can also search known cyber security threats at https://www.cisa.gov/cybersecurity .
Second, DON’T PANIC and get help. Call your IT department or tech support company, and if you are experiencing this on your personal equipment and don’t have an IT dept to call, call a local tech company like us for some guidance.
Third, understand a reputable software company like Microsoft, Apple or HP will NOT call you about issues with your computer nor will they threaten you via email.
Recent data breaches such as SolarWinds affected some of the most reputable Fortune 500 companies, so chances are we will continue to see an increase in ransomware and scareware events. Continue to be diligent and smart about protecting yourself against and reacting to these events.