Fake Antivirus Scams: Avoiding Wolves in Sheepdogs’ Clothing

Last Updated on August 17, 2023

It is almost a given that you need some sort of malware and virus protection on your computer and, in many cases, even your mobile devices. Cybercriminals have grown more active each year, and cybercrime has grown in profitability.

Parallel to this is the cybersecurity industry, and many products are on the market. You might say you can’t even keep track of them all.

And this is a problem since fake products are on the market. Some are normal-looking but scams in practice. Others are blatantly a problem and extremely intrusive on your computer (and destructive to it in the meanwhile).

In all cases, you want to keep fake antivirus scams off your computer, and we at Family Security Matters are here to help you keep the scams at bay.

What Is a Fake Antivirus or Fake Security Software Scam?

Antivirus Technology Protectio

Image by RIFKIE DRAJAT PUTRA PRATAMA

Fake antivirus scams come in a few flavors, but all involve a virus, malicious webpage, or scammer pretending to be an antivirus service. It might be an impersonation of a popular service such as Norton, McAfee or a completely invented one.

The goal is to infiltrate your device to get ahold of your information or trick you into giving out personal information or money in the name of cybersecurity. 

Note there could be one of two main approaches or focuses:

A fake salesperson (scammer) trying to sell you an antivirus product that doesn’t work well, is overpriced, or you don’t need it.
Popups, websites, or programs attempt to get you to download malware or ransomware onto your computer, which then causes havoc or extorts you for money.

How They Work

Nearly all fake antivirus scams involve a piece of malware getting on your device. There might be a few fake service scams out in the world, but the most popular and effective scams involve getting something that’s not supposed to be on your computer.

Once your computer or browser has been affected, it will be big and loud about a threat to your device, and you need to remove it using this special software or service.

If this sounds familiar to ransomware, that’s because ransomware often takes the form of a fake security program.

Note that it can get confusing when talking about these scams, as there can be several different aspects to them:

The scammer themselves are working to make the antivirus scam appear more legitimate.
The site, platform, or tricks used to get people to install or sign up for fake antivirus software.
The software itself, which is at once the meat of the scam more like malware, depending on the variant. 

Some aspects of the scam might be emphasized or specialized in more than others, but this is the general flow of it.

Why They Work

Not as many people are tech savvy and have online awareness as we’d like, and many people are not as smart as they think they are when it comes to using the internet or any of their devices

Furthermore, many people might not know these scams exist, especially those not always online.

There’s also the matter of quantity over quality. Attempts are endless, and they only need to work once. A 1-in-100,000 success rate for a scammer is a pretty good day for them.

Finally, they can be hard to escape depending on the delivery method unless someone knows what they’re doing. You may think your browser is frozen except for interacting with the pop-up.

How Common Are They?

In terms of attempts, they’re so common that it’s nearly impossible to try and keep track of them. Each day there are multiple new variants, vectors of attack, etc., from these types of scams, either more intelligent or lazy than the last.

And as we mentioned, scammers and cybercriminals work by quantity with this issue. You need to know that they’re lurking around every corner of the internet, except for the more legitimate places. You’ll find ads for bad software in those places, but nothing so severe.

If you’re interested, you may also want to look into tech support scams, which these are a variant of.

Common Vectors of Attack

Where do these programs hide when they aren’t on your computer? How do these scams find their way onto computers?

Pop-ups: Depending on the site(s) you use, you will find ads that lead to pop-ups. These pop-ups are malicious, say you’re infected, but instead lead to malware.

You don’t have to follow through or touch anything when you get such a popup. First, you can try to close out of the tab. If that doesn’t work, close out of the browser. And if that doesn’t work, you can end the process using the task manager (you should still be able to access it.

In the meanwhile, try to avoid sites that lead to such popups.

Bogus Websites: Have you ever typed Facrbook.com by accident and hit enter? Some might lead to the correct website, as is the case above. Others, however, may be owned by scammers or cybercriminals hoping to trick people. This can mean a copy site that will install malware, a site that will attempt to hijack your browser, or something else entirely.

Emails and spam: Scammers use email for all types of scams. It’s easy, cheap, and can be automated. Sometimes fake antivirus scams are among those things that are automated. Please don’t click on them, even if an amazing deal is offered. Just don’t get your antivirus program through an email offer.

Standard Tactics Used by Fake Antivirus Programs and Scams

Fake antivirus programs and scammers generally run by a few scripts they’ve used for a long time and don’t feel like updating except on a surface level.

There is always a threat on your computer, and the fake antivirus program is the only thing in the world standing between you and certain doom. And the more flashing lights and bold fonts used in the process, the better.
Popups everywhere! Fake antivirus scams hope to get your attention with popups online and keep it with popups on your desktop. They might hope just to catch a stray click, get you to spend more money, or keep you fearful.
Some scams seek to imitate known names or impersonate major brands. Think of an off-brand Norton offering a special price or an alert from a well-known (that many people will have installed) telling you your device is infected. It’s more effective than you’d think.
In some rare cases, the software is a copy of a legitimate product but modified. That’s why getting your software from a trusted source is important, even if you pay more for it.
The “service” being free at the start or cheaper than the real thing is a common tactic to catch your attention. Remember, you get what you pay for in these cases.

Signs a Program is a Fake Antivirus Scam

It asks you for money to remove a virus.
Pop-up messages and notices from a program or offer include download links or files.
It asks you for money to restore access to your files or settings.
Your computer or device runs much more slowly than usual. Antivirus programs use processing power, but not that much.
It tries to disable other programs and processes, including other cybersecurity programs.
While an antivirus or cybersecurity program can be a bit pushy (to put it lightly) when it comes to resubscribing or wanting you not to uninstall it, it won’t hijack your computer. You will be able to do so. A piece of malware from a scam might be more difficult.

How to Avoid Fake Antivirus Scams

Avoid suspicious websites and links. Whatever you’re looking for, there’s probably a legitimate site for it that will not try to install malware on your computer.
When getting an antivirus program, download or purchase it directly from their site. This helps minimize the chance of getting an imposter program.
Only use or investigate antivirus programs that have a sizable market presence, to begin with, including reviews, potential deals, etc. If security websites (plural emphasized) all review it and say it’s ok, it won’t be a scam, however good or not good the product is.
Just because a popup says you have a virus on your computer doesn’t mean it’s true. But if you believe every popup, you will soon have that virus on your computer.

What to Do If a Fake Antivirus Program Is on Your Device

Perhaps you found this article after falling for a fake antivirus scam of one sort or another and are reading this article on your smartphone while your computer is freaking out. 

First, this is a mess; don’t let anyone tell you it isn’t. Some of these messes are bigger than others, but they are indeed all messes. So, what do you do? You take action, create a plan, and work to save your money, devices, and information. It will take some time, but it’s far better than the alternative. 

You can handle this.

The type of malware and its tactics will factor into your response, but the following steps are recommended in all cases:

1. Never Give in to Its Demands

Regardless of what threats it makes, you should never give in to the malware or ransomware disguising itself as an antivirus program. 

Never give in to the demands of a scammer contacting you or holding your data ransom, ever! 

One of a few things will happen:

  • Nothing. You’ll just have to give the cybercriminals money and encourage them to try harder shortly.
  • You will supposedly get your files of computer access back, but sooner or later (likely sooner), the “program” will come back and demand more, perhaps under the guise of a subscription fee or extra services.
    • There are reports of ransomers actually returning stolen data for big corporations, but you probably aren’t acting on behalf of one of them. A scammer doesn’t care about its reputation with you or people like you. 
  • You’ll start getting calls from people affiliated with the “company” after they gather personal information to try to get money or more information out of you. Won’t stop.

2. Decisively Remove It

Ransomware Virus Malware

Image by Tumisu

How did the fake antivirus scam work? Did it install anything on your computer? Was there the potential that it installed anything on your computer? 

If anything got onto your computer from the fake antivirus scammer or scam company, you need to remove it before doing anything else with your computer. That’s if you can do anything else.

You’ll want to give it the ransomware removal treatment because that’s what you’re likely dealing with. 

You may want to reboot your computer in safe mode as part of this. You may have to. This way, the program is less likely to get activated. It can be a hassle to navigate, but with some careful searching and tinkering, you can remove the offending program with assistance from a guide.

As a last resort, a system restore or factory reset might be necessary to get your device back in working order and keep your information safe. This has drawbacks and can be a hassle if you have files you want to keep on your device. If you mostly use cloud storage and wouldn’t need to redownload much, though, then just go for it and don’t look back. 

3. Check Your Files and Get a Proper Security Program

Even after removal or even reset, the antivirus software could have done some damage. You don’t know if any files or programs could have been modified. This can, unfortunately, include the OS files and programs, making your computer severely problemed until it is fixed.

While this is happening, now is the time to get a proper security program and perform a scan if you haven’t already. I understand if you have trust issues with antivirus programs now, but it’s something you need to have.

What Programs Can You Rely on?

Sign Security Coat Of Arms

Image by Gerd Altmann

While there are endless fake antivirus programs and scams to watch out for, don’t let that dissuade you from getting actual antivirus protection for your devices. 

Instead, let it be a call to action to invest in something that works. Unfortunately, this means a premium service you must pay for, but considering the cost of the things it protects you from, it’s a small cost.

Some programs that I would recommend to most users include:

  • Antivirus or security suite programs have become staples of the cybersecurity industry, including scanning, firewalls, and a host of other security features. 
    • I recommend McAfee, Norton, AVG, or Bitdefender, but other excellent options exist. Read additional reviews and see what fits your needs best.
  • There are also password managers, which can help you create complex passwords for your accounts and remember them for you (I know I can’t remember them all if I want to be safe). They may or may not come included with a security suite or antivirus program, so don’t start with this one and get it if needed.
    • Bitwarden, NordPass, and Dashlane are good options.
  • Many people will swear by using a virtual private network (VPN) to encrypt your web traffic and make it appear you’re using the internet from a different location.
    • ExpressVPN and Surfshark are good options here. Some security programs may include one but might not be as good as the separate, premium options.
  • This is also a good time to get an identity theft protection service, given how often identity theft occurs and how these scams can lead to it.
    • I recommend Aura as the identity theft protection service for most households. It comes with identity theft insurance, will help resolve problems, and carefully monitors your accounts.

Ensure that your desktop/laptop and mobile devices are covered when setting things up. Mobile malware is on the rise, and you can typically get a subscription from security software providers that covers everything.

Conclusion – Get Real Protection, Avoid the Imposters

Dealing with a fake antivirus program or scam can be a confusing, annoying, and even scary experience. These scams are designed to put us on edge and make bad decisions about our money, information, and devices. I hope that now you are armed with this information, you’ll be able to better respond to one when it pops up (and it will).

Meanwhile, do what you can to prevent any damage from being done and remove the chance of a fake antivirus scam affecting you. 

That means using proper security software, practicing good cybersecurity and information security hygiene, and using services such as Aura to protect yourself from some of its worst effects. 

You are the only person you can rely on to protect yourself, so take charge of your security today and start working on the steps outlined in this article.

Other Types of Scams You Need To Know: