Your IP: Unknown · Your Status: Unprotected Protected

Blog How-To

How to get rid of scareware

Nov 22, 2019 · 3 min read

How to get rid of scareware

A red exclamation point. Flashing text. You’ve been infected by a virus! But can you take anything for granted in the online world? That alert might be scareware. Find out how to identify and get rid of it.

What is scareware?

Scareware is a form of malware that uses frightening tactics to lure you into purchasing and installing malicious software. It usually appears in the form of an aggressive pop-up or a banner that displays a fake virus scan stating that you have viruses or your system is in grave danger. Then it prompts you to buy and install some dodgy antivirus program to immediately “solve” this problem.

Of course, the fake antivirus would only make matters worse. It’s malware that hackers can use to:

  • Steal your credit card info. Maybe you’ll buy their malware by entering your credit card details into their system. Maybe they’ll see it when you enter it somewhere else. Either way, you lose;
  • Infect you with malware. It might track your actions, gather your data, and provide it to cybercriminals. Moreover, it could zombify your computer and use it as a proxy to spread the malware to people who trust you.

How to identify scareware

Experienced online surfers recognize scareware pretty easily. However, cybercriminals are always improving their techniques to make it look increasingly convincing. Some scareware even has designated customer support numbers. Of course, they’ll probably advise you to delete your existing security software or update the fake one for additional charges. Below are some of the common characteristics of scareware:

  • Annoying, aggressive pop-ups or notifications. They’re usually difficult to close and might take you to a malicious website or even start downloading malware if you click on them;
  • Deceptively familiar names. The suggested programs usually have names you have never heard but that are similar to legitimate applications. Examples include Total Secure, XP Antivirus, Registry Cleaner XP, Security Toolkit, etc. It might even look like real antivirus software after downloading it;
  • Performance problems. Your system may start to behave strangely after downloading the malware. Your computer slows down, the number of pop-ups you see increases, additional unfamiliar programs appear, etc.;
  • The downloaded program is very difficult to remove. If you try to quit the installation process, it does not allow you to do it easily by throwing pop-ups, returning to the same window, crashing your browser or the whole system. If you do install it, it may take nothing short of a system wipe to get rid of it.

Keep in mind that genuine antivirus software will never start scanning your system out of the blue and display the result in the form or an online pop-up or a banner before you’ve even installed it.

How to remove scareware

In case you got hooked, you should immediately delete it and use legitimate antivirus software (if available) to get rid of the scareware. Be aware that the software probably won’t let you remove it easily. For additional tips on how to remove unwanted software, check our article on bloatware, which has more detailed instructions.

How to prevent scareware

To prevent this form of malware, do the following:

  • Use common sense. Do not click on suspicious banners or pop-ups. Only download software from official, trusted websites. Do not open links from sources you don’t trust;
  • Act quickly. If an unexpected download started or a malicious redirect took place after attempting to close a pop-up, close your browser immediately. If it froze, force quit it. Then remove anything that was downloaded or installed and scan your system;
  • Update your browser. The up-to-date version will more likely have better security tools;
  • Use updated antivirus software. Just make sure it’s secure and doesn’t collect your data;
  • Use ad-blocking software to block annoying pop-ups and ads;
  • Regularly check your computer for suspicious software.

To learn more about cybersecurity, subscribe to our monthly blog newsletter below!


Paul Black
Paul Black successVerified author

Paul is a technology and art enthusiast who is always eager to explore the most up-to-date issues in cybersec and internet freedom. He is always in search for new and unexplored angles to share with his readers.


Subscribe to NordVPN blog