What are Fake Trojan Scams and How Can You Avoid Them?

You probably know about trojan viruses to some degree. You likely have an antivirus program installed on your computer to detect and block them – as you should. But did you know that fake trojan viruses can be just as dangerous? If you’re not careful, a fake trojan virus can lead to a real one.

A fake trojan virus attack is a scam tactic that claims to be real and exploits your fears of an infection. Interacting with a fake trojan can lead to an actual malware infection – or worse, extortion and financial loss.

In this post, we look at fake trojan virus attacks, what they are, how they work, and what you can do to protect yourself.

Let’s start.

What is a Trojan virus?

A Trojan is a kind of malware that disguises itself as a legitimate file to evade detection. Because the malware looks to be a legitimate app or file, there’s a high likelihood the user will execute the file. When that happens, the Trojan is deployed and can do all sorts of damage, such as infecting other programs, stealing personal data, etc.

Trojans are often used in social engineering attacks, in which users are manipulated to shoot themselves in the foot, either by unwittingly revealing sensitive information or by running a compromised file or app. Because Trojans masquerade as a harmless file – and sometimes even a helpful file – one should exercise caution before following links or executing files.

What is a fake Trojan virus?

A fake Trojan virus is just that: a fake. The idea behind the fake Trojan scam is to make you believe you’re infected with an actual Trojan. That will elicit a fear response, and you’re much more likely to comply with the attacker’s will by clicking on a link, providing personal information, or purchasing a fake antivirus from the attacker to “clean your system.”

Trojan scam email

Trojans mostly come through two main avenues: email and web browsers. And while their tactics differ, they exploit the same psychological trigger: fear.

You open your inbox one day and find an ominous email stating that your computer has been infected with a Trojan virus, giving the attacker complete control over your machine. They’ll usually claim they already have a copy of all your files and can control your device’s microphone and camera. As such, they’ve filmed you accessing specific sites you’d rather not share with the rest of the world. They may even list some popular sites to try and add realism – if you did visit those sites, it feels pretty real.

Then they state that if you transfer X amount of dollars in cryptocurrency to them, they’ll delete the files and remove the virus from your computer. But if you don’t comply with their deadline, they will leak your data and publicize the videos.

They may even provide a link to a screenshot of the said video. And if your curiosity and fear get the better of you, you’ll click the link and will have just downloaded an actual virus onto your computer.

To some, it may be obvious this is a scam. To others, this will confirm their worst fears and trigger an emotional fear response that bypasses their rational thought processes. That’s what the email was designed to do.

It’s a classic ploy used everywhere, in varying degrees, from politics to marketing.

1. State the problem (device infection)
2. Fabricate evidence (recordings)
3. Point to damages (reputational damage in our case, which is very compelling to human beings)
4. Provide a resolution (payment)
5. Exploit urgency and fear throughout

What should you do if you find a similar email in your inbox?

Hopefully, you never get one of these. But if you do, follow the advice below.

• Don’t respond to the email. You don’t want to engage with your attacker at all. Doing so will only key them into the fact that you’re scared and their tactics are working. And you’ll likely embolden them to continue trying to extort money from you.
• Do not make any payments to the attacker using any payment method. If you send those funds, then you’ll never recover them.
• Report the email as spam to your email provider. This can help them improve their spam countermeasures, which will ultimately protect you from other scams in the future.
• Change your passwords for the accounts mentioned in the email. It may be wise to change the passwords of other accounts you deem essential to be safe.
• Run a full virus scan on your device using a comprehensive antivirus purchased from a reputable vendor to check your system for any actual Trojan viruses. Keep your antivirus software updated and have it run regular scans automatically.
• It won’t hurt to cover your webcam when not in use and to exercise caution when browsing the internet. Clicking links is not frivolous.
• If it’s too late and you’ve disclosed personal information to your attacker or made a payment, report the incident to local law enforcement. It’s doubtful they’ll recover your funds, but at the very least, they can guide you on next steps.

Trojan scam pop-up

This one may be less prevalent today, as most browsers block pop-up windows. But that isn’t the end of the story. Pop-up screens are only one vector for this attack. A website redirect, a spam notification ad, or an adware infection can get you to the same place.

So you’re calmly browsing the web when, all of a sudden, your screen displays an ominous alert – perhaps with a popular antivirus vendor’s logo –  stating that your computer is infected with one or more Trojan viruses.

It will attempt to exploit your fears so that you take quick action (read without thinking it through) by creating a false sense of urgency. “Your personal information is compromised! Click HERE to clean your computer!”

If you click, you’ll either download actual malware, leading to the problems described in the fake warning. Or, you’ll be redirected to a malicious site under the attacker’s control, where you can enter your payment details to buy the antivirus that will clean your computer’s fake infection. Of course, there is no such product – you’ve just been scammed and may have infected your computer with an actual virus.

What to do if you get a fake Trojan alert in your browser

First off, don’t panic. There’s a good chance it’s just a malicious ad served by a dodgy website you visited. Don’t interact with the warning in any way. Don’t click on it, don’t move or resize the window – nothing.

Simply close your browser and relaunch it. You can also install an ad blocker in your browser, and these ads (along with others) should be blocked moving forward. It could also just be a malicious redirect initiated by a dodgy site. So again, shut down your browser and relaunch it – the warning should disappear.

If you’re still getting Trojan alerts after doing the above, you may have installed adware on your system. Adware is a type of malware that, once installed on your system, will download and display unsolicited ads in your web browser. Adware can often be bundled with low-grade free software you can download online. Many people quickly click through an installer without paying much attention to what’s displayed and, hence, don’t realize they’re installing extra software.

Adware can also be installed through malicious browser extensions or clicking malicious links in a phishing email. Whatever the case, if you have an adware infection, you’ll want to remove it.

How to remove adware from your system

• Run an antivirus scan: Run a full scan on your device using a high-quality antivirus purchased from a reputable vendor. Most good antivirus programs can detect and purge adware.
• Remove unknown apps: Go through your system’s installed applications. If you see any apps that you don’t recognize or know you didn’t install, remove them. You can do this from the Control Panel in Windows or by moving applications listed in the Applications folder to the Trash on macOS.
• Reset your browser: Some adware can change your browser settings. Resetting your browser to its default settings can fix this. Every major web browser has a Reset button that can be found in the browser’s settings menu.
• Remove unknown browser extensions: Open your browser’s add-ons/extensions menu and remove any browser extensions you don’t recognize.
• Clear your browser’s cache: Deleting your browser’s cache (temp files, site settings, history, and cookies) can help clean up any residual adware traces.
• Update your apps: Keep your operating system, browser, and installed apps current. Updates provide security patches for the latest threats. You may be protected from yesterday’s malware, but today is a new day. Keep your entire system up-to-date.

General tips to avoid the internet’s “bad stuff”

While not explicitly geared toward thwarting Trojan scams, the tips detailed below will also help in that endeavor.

• Stay away from free software bundles available online. Only install reputable software produced by vendors you trust. That will go a long way to protecting your device from adware.
• Clear your browser’s cache and cookies frequently.
• Be mindful of consistent slowdowns, sluggishness, and overheating of your device. That could be a symptom of an adware infection.
• Don’t open attachments in emails unless you know who the sender is and you’ve confirmed with that person that they did send you that email. You should also ensure they know the email contains an attachment and know what the attachment is to avoid phishing scams.
• Don’t click links (URLs) in emails unless you can confirm who sent you the link and its destination. Contacting the sender through another channel (not email) might also be good to ensure the sender is not impersonated. Also, check the link for incorrect spelling (facebook instead of Facebook or Goggle instead of Google). If you can reach the destination without using the link, do that instead.
• Use a firewall. All major operating systems have built-in incoming firewalls, and all commercial routers on the market provide a built-in NAT firewall. Enable both. You’ll thank me if you click a malicious link.
• Use an antivirus program – Only purchase genuine and well-reviewed antivirus software from legitimate vendors. Keep your antivirus updated and set it up to run frequent scans and real-time monitoring.
• Keep your operating system updated – You want the latest OS updates. They contain the latest security patches that will fix any known vulnerabilities. Make sure you install them as soon as they’re available.
• Never click on pop-ups. Ever. Pop-ups are just bad news—you never know where they will lead you.

Wrap up

So that’s the low down on fake Trojan scams. They’re fascinating because you initially have a perfectly functional and “clean” system. It’s only by convincing you of an imaginary threat that you become the architect of your own demise.

Danger does come from threats, whether real or imagined.

Stay safe.