Fake antivirus / scareware

What we know

Scareware programs display alarming but fabricated warnings claiming a computer is infected with viruses or malware. The goal is to frighten users into purchasing fake "security software" that either does nothing or installs actual malware. The FTC secured a $163 million judgment in 2012 against Innovative Marketing Inc., one of the largest scareware operations ever prosecuted in the United States.

The FBI's Internet Crime Complaint Center (IC3) issued warnings as early as 2009 that scareware had caused over $150 million in consumer losses. The DOJ also sentenced a payment processor who handled funds for a scareware cybercrime ring to 48 months in prison. These cases confirm that fake antivirus is not a myth but an active and prosecuted criminal enterprise.

Modern variants include tech support scam pop-ups that lock the browser and display fake Microsoft or Apple warnings, urging users to call a toll-free number. The FTC continues to receive thousands of reports of such scams annually. Users should only install antivirus software from recognized publishers obtained through official channels.

Common claims

• Pop-up warnings saying your PC is infected are legitimate urgent alertsFalse. Legitimate antivirus software does not display browser pop-ups demanding immediate payment.
• Paying for the software the warning recommends will fix the infectionFalse. The software is either useless or itself malicious.
• Scareware is a minor nuisance, not a serious crimeFalse. It constitutes wire fraud and has resulted in federal prison sentences.

Evidence hierarchy

All sources

• FTC Case Results in $163 Million Judgment Against Scareware MarketerFederal Trade Commission · 2012
• Scareware Scammers - FBI IC3 Public Service AnnouncementFBI Internet Crime Complaint Center · 2009
• Payment Processor for Scareware Cybercrime Ring Sentenced to 48 MonthsU.S. Department of Justice · 2012

Related terms