One of the most widespread types of cyber scams being perpetrated against consumers these days involves “scareware”— those pop-up messages you see on your computer saying you’ve got a virus and all you have to do to get rid of it is buy the antivirus software being advertised.
And if you don’t buy it? The pop-ups continue unabated and, in some instances, the scareware renders all of the information on your computer inaccessible.
According to a release issued by the Federal Bureau of Investigation (FBI), today the Department of Justice and the FBI announced “Operation Trident Tribunal,” a coordinated, international law-enforcement action that disrupted the activities of two international cyber crime rings involved in the sale of scareware. The groups are believed responsible for victimizing more than one million computer users and causing more than $74 million in total losses.
What is Scareware?
Scareware is malicious software that poses as legitimate computer security software and claims to detect a variety of threats on the affected computer that do not actually exist. Users are then informed they must purchase the scareware in order to repair their computers and are barraged with aggressive and disruptive notifications until they supply their credit card number and pay up to $129 for the worthless scareware product.
The FBI’s Seattle office began looking into a scareware scam that ultimately claimed an estimated 960,000 victims who lost a total of $72 million.
According to the release, investigators discovered a variety of ruses used to infect computers with scareware, including consumers being directed to websites featuring fake computer scans. Once their computers were infected with the malicious software, victims began being notified by pop-ups that their machines had all sorts of viruses and they should buy the antivirus software being advertised — at a price of up to $129.
The FBI’s Minneapolis office initiated an investigation into an international criminal group using online advertising to spread its scareware product – a tactic known as “malvertising.”
According to a federal indictment unsealed today, the two individuals charged created a phony advertising agency and claimed to represent a hotel chain that wanted to purchase online advertising space on a Minneapolis newspaper’s website. After the ad was verified by the paper and posted, the defendants changed the ad’s computer code so that visitors to the site became infected with a malicious software program that launched scareware on their computers. That scheme resulted in losses of about of about $2 million to its victims.
An International Effort
In a true reflection of the international nature of cyber crime, “Trident Tribunal” was the result of significant cooperation among 12 nations: Ukraine, Latvia, Germany, Netherlands, Cyprus, France, Lithuania, Romania, Canada, Sweden, the United Kingdom and the U.S. So far, the case has resulted in two arrests abroad, along with the seizure of more than 40 computers, servers and bank accounts. Because of the magnitude of the schemes, law enforcement agencies here and abroad are continuing their investigative efforts.
How to Spot Scareware
- Scareware pop-ups may look like actual warnings from your system, but upon closer inspection, some elements aren’t fully functional. For instance, you may see a list of reputable icons — like software companies or security publications — but you can’t click through to go to those actual sites.
- Scareware pop-ups are hard to close, even after clicking on the “Close” or “X” button.
- Fake antivirus products are designed to appear legitimate, with names such as Virus Shield, Antivirus, or VirusRemover.
To avoid being victimized, make sure your computer is using legitimate, up-to-date antivirus software, which can help detect and remove fraudulent scareware products.
If you think you’ve been victimized by scareware, file a complaint with the FBI’s Internet Crime Complaint Center.