How to Spot and Avoid a Scareware or ID Theft Protection Scam

Bogus virus alerts and phony ID theft prevention are all part of the money-making protection scam racket that’s netting crooks a fortune: Internet Scambusters #352

Con artists have found a great way to exploit the security fears of Internet users, using protection scam tricks to get at our wallets and personal information.

They’ve circulated thousands of so-called scareware programs that flash bogus virus attack warnings on our computer screens, or they pretend they can save us from identity theft for a fat fee.

Of course, there are anti-virus programs and ID theft protection services that really do work, and in this issue we show you how to tell the difference.

On to today’s main topic…

How to Spot and Avoid a Scareware or ID Theft Protection Scam

Protection scam artists are making a fortune, cashing in on our fears about computer security.

They’re pumping out scareware programs in the thousands, firing up bogus warnings claiming our PCs have been infected with viruses and then demanding a fee to remove them.

Others send out protection spaham (mispelled intentionally) messages, dishonestly claiming they can improve our online security, offer credit protection and reduce the risk of identity theft.


Let’s start with scareware — virus protection scams that generally flash warnings on our computer screens either claiming the machines have infections or offering a “free” scan to see if you are infected (which, of course, they’ll say you are).

These may be of the pop-up window variety, appearing during Internet browsing, or, more recently, they may mimic the so-called Blue Screen of Death on PCs (not Macs) which tells you your system has crashed.

You’re then invited to buy a license for a downloadable program with a genuine-sounding name, sometimes similar to established, authentic software.

The price is normally around $40, but the program doesn’t work. Worse still, it may even download other malicious software onto your computer — stuff that may steal personal information from your hard drive.

It may even install ransomware — programs that make some of your data inaccessible until you pay a ransom fee. For more on ransomware, see this Scambusters issue.

According to a recent article in USA Today, there are more than 9,000 varieties of these scareware programs, promoted by networks of hackers and other crooks who get a fee each time they hook a victim.

It’s big business; one Russian syndicate was said to have earned $146,000 in just 10 days. And a survey by Microsoft, testing for just one scareware program, found 4.4 million machines were infected.

The virus protection scam artists have multiple ways to get you into their clutches. For instance, you may download the scareware in the same way you get other malware onto your computer — by clicking phony links and attachments in email.

Recently, we’ve seen scareware links embedded in comments about videos on YouTube and in “tweets” on Twitter.

Or you may get a message offering to update a legitimate piece of software on your computer (a Flash player for example), when it’s really a scareware download.

In other cases, protection scams lurk on hijacked web pages (500,000 of them in one recent count), search results on Google, ads and other online services.

Whatever the route, they all end in that infection warning and download invitation and, in many cases, even when you suspect a scam, you can’t close the warning window without launching another one.

In fact, you may not even be able to close your browser. As one expert put it: It’s like walking on quicksand.

So how can you protect yourself from scareware?

Here are some important tips:

First and foremost, install legitimate Internet security software from the likes of Symantec, McAfee, Trend, AVG, or Kaspersky. Hunt it out yourself — don’t respond to protection spaham. These programs will alert you to scareware.

Scanning your whole system should also remove any protection scam programs that have already found their way onto your machine.

Second, never click on a pop-up that claims your PC is infected or offers a free scan. They are virtually all protection scams. Period. Don’t even click on the “no thanks” or “X” close box in these cases — after all, this is a scam, a click is a click, and you could end up downloading malware.

Instead, close your browser. If you can’t “X” out of it, right click (on a PC) on the program icon in the taskbar and choose “Close.”

If that doesn’t work, hold down the Control-Alt-Delete keys to bring up the Windows Task Manager and then, under the Applications tab, select the browser and choose “End task.”

And a couple of other scareware points to watch out for:

  • In one variation, the pop-up message claims you have an error in your system registry or other part of your installation (or it offers to scan for these errors) and, again, offers to put it right for a fee. Don’t fall for it.
  • There’s an offshoot of scareware called “prank software,” or “prankware,” which is really just a hoax intended to frighten you. A spooky graphic may open on your screen or you may get a frightening dialog box that says something like “Delete all files on your hard drive?” with only an “OK” button.This is someone’s idea of a practical joke. Ignore it and close your browser as explained above. Then run your anti-virus scan.

Now let’s take a look at ID theft protection scams.

Identity Theft Protection Scams

These take a number of forms, the three most common of which are:

  1. You get a protection spam which appears to come from a legitimate source. A famous recent example was use of the “Verified by Visa” tag in a message that invited users to register for this scheme (which does actually exist) by clicking a link that took them to a spoof page where they were supposed to list all their credit card details!Genuine ID protection companies don’t spaham, so never respond to such messages. Instead, if you’re interested, do your own search; look for established reputable companies.
  2. You get an email or telesales call telling you your name has come up on a list of potential ID theft targets, or even that your online identity has been compromised.Often, the caller or email author will claim to have a security-related title, like “inspector” and will offer you protection for a fee — usually $299.Again, this is bogus. Everyone is a potential ID theft target.If your information was on a stolen laptop or other compromised device, you’ll be contacted through snail mail, not by email or phone — and you’ll often be given some free service protection (rather than be asked to buy protection).
  3. Someone offers to remove your personal details from the Internet, thereby reducing the risk of identity theft.This is a “no-can-do” protection scam. You can’t erase all of your personal details from the myriad sources, many of them public records, available on the Internet. (It is possible to remove your details from individual sources though.) Don’t believe anyone who says otherwise.

We can’t stress enough how important it is to take steps to protect your identity online and there are lots of useful things you really can do in that direction, including working with genuine identity theft protection services, like TrustedID.

Visit the Scambusters Identity Theft Information Center for more helpful information.

Protection scam tricks aren’t going to disappear anytime soon, so make sure you take the steps outlined above to take care of yourself.

Time to close — we’re off to take a walk. See you next week.