In recent weeks the Information Security Team have seen an increase in what is known as scareware tactics affecting University personnel. These attacks can lead to a remote attacker gaining access to your device and result in data and financial losses.
What is Scareware?
Scareware is a type of malware, which attempts to coerce a victim into doing something they shouldn’t, using social engineering techniques. This can include forcing you to make a payment, hand over data, or provide access to systems.
Scareware is normally presented as a web browser ad, which can be placed on legitimate websites by an attacker. It does not usually attempt to run any programs or make changes to your device, making detection by antivirus tools difficult.
Perpetrators also commonly use domain impersonation, whereby they purchase a domain name which sounds similar to a popular website and use it to host their scareware. When triggered, the site displays an error message stating that a critical issue has been detected on your computer and provides a fake support number for you to contact.
If you call the number, it will connect you to a scam call centre.
Similar scams may claim that files will be encrypted or deleted unless you buy recovery software, or that illegal activity has been detected and you must pay a fine. These can be persistent and not easy to close. They are also often accompanied by audio effects such as alarms and voiceovers.
How to deal with Scareware
- If you encounter scareware while using a University device, contact the Service Desk immediately. Never click on browser pops ups or links claiming to offer IT support or fix a problem with your computer or internet connection.
- If the ad has taken over your screen or otherwise cannot be closed, hold the Alt key and press F4. This will attempt to force it to close. If this does not work, forcing your device to restart will usually clear it.
- Always remain suspicious of any form of unexpected contact or pop-up advertising. If you are being urged to act quickly to make a payment, or to install software, you may be the victim of Social Engineering. Never allow an unverified person to gain remote access to your device.
Report phishing:
If you receive a suspicious email, report it immediately by clicking the Report Phishing button in Outlook. The Information Security team check every report.
You can find detailed instructions on this here: https://www.abdn.ac.uk/staffnet/working-here/it-services/security.php#panel7228