First of all, in cases where you usually use a PC and a security warning is displayed that is not very surprising. Windows for the longest time since Windows Vista 13-years ago had introduced a concept many people were annoyed about, User Account Control. However, not all warnings should be ignored, especially if the warning actually stops you from proceeding with your current workflow:
- PC detected a virus and security countermeasure software displayed a warning
- Attempting to connect to a website whose TLS certificate has expired in the browser via https
- Browser warned when trying to open a phishing site
- Most real security warnings are due to the above three.
- Most virus infections occur via the Internet, so most security alerts are displayed during browser software startup.
However, the security warnings that you encounter when you’re on the Internet include, quite a lot, fake warnings. Fake security alerts can upset the user, cause malicious software to be installed, or attempt to fraudulently obtain email addresses, credit card numbers, etc.
So how do you avoid being fooled by fake security alerts?
The scenario:
Suddenly, if you get a security alert, you may be upset, but what you want to think first is the possibility that the security alert is a fake. However, there are cases where it is difficult to determine whether the displayed warning is real or fake. Fake security alerts have a common feature. So we picked up the features of common fake security alerts.
One of the characteristics of fake security alerts is that the displayed message contains a word that requires the user to take some action. For example
“Call the number in the message”
“Make money transfer”
“E-mail address is listed and you are told to send email”
“You are told to press the button that says” Repair as soon as possible. ”
“Prompt to install software to fix the problem”
Real security alerts are unlikely to contain language that calls for such behavior. If you follow the fake security alert message and install software or send an email, a real attack will cause real harm. Some fake security alerts may produce unnatural buzzer sounds. This is to utter the user’s anxiety for the purpose of generating an alarm sound. There is also a type in which voice is heard saying “I’m infected with a virus”. Real security alerts do not produce audible alerts or sounds that may annoy these users. Most fake security alerts are displayed when you are browsing the home page in a browser. The attacker prepares a page to display fake security alerts in advance, and the user accesses the page, and displays the fake security alert without asking any questions.
Depending on your browser and security software settings, there are settings to hide security alerts. However, hiding security alerts is not a good idea. Although it is sometimes said that fake security alerts are displayed in the browser and security software settings even if the alerts are hidden in the settings of the browser, because the alert itself is fake.
Furthermore, in rare cases, the browser may display a real security alert. Here are some real security alerts that may appear in the browser Google Chrome. The warning is the message that appears when you try to display a page that supports TLS, but the certificate has expired. TLS or Transform Layer Security is a technology for encrypting communication between a PC and a server when browsing a home page. TLS warning appears if the site is supposed to be TLS enabled but the feature is disabled for one reason or another.
The second is a warning “I’m trying to access a fake site.” This warning is mainly displayed when trying to open a site suspected of doing a phishing scam. The homepage where this warning is displayed is registered by Google as a dangerous site. The two warnings presented here are the real security warnings in Google Chrome. If you are on the internet, close these browser tabs as soon as you see these warnings. You can ignore the warning and force the page to be displayed, but it’s dangerous and should be avoided.
Also, warnings that occur when a virus is detected by an antimalware software installed. Even with paid software such as Mcafee and Kaspersky, similar warnings should be displayed if a virus is detected.
What should I do if the real security warning introduced here is displayed? And what if security alerts are fake?
1.Ignore fake security warnings and do nothing
If you get a fake security alert, the correct action is to ignore the message and do nothing. There is no real harm if only fakes are displayed. Sites that display such warnings are often displayed when you open a suspicious site such as an adult site or a gambling site. Avoiding visiting such sites on a regular basis can help avoid fake security alerts.
2. If you follow the fake security warning instructions
If you follow the instructions of a fake security alert, you may have installed some software. Such software tries to illegally obtain personal information stored on a personal computer, or destroys data in the personal computer. If you install it, uninstall it immediately. There may be something left after uninstalling, so it is safe to do a complete scan of your system with security software.
3. If you get a real security warning
If the displayed warning is genuine, it is dangerous. Close the displayed page immediately to avoid further progress. At this time as well, it is recommended to do a full scan of your system with security software, just in case.
Some of you may have seen fake security alerts aimed at fooling users. Most fake security alerts are themselves shown maliciously. Even if a fake security warning is displayed, in most cases there is no problem if you firmly understand how to distinguish the genuine and fake security warnings introduced this time and calmly respond. Be careful not to follow the instructions given in the message, even if you encounter a fake security warning.