How to Spot and Remove Fake Antivirus Software

Why Trust Techopedia

Fake antivirus software can present a critical threat to your device. While it’s important to have security software to keep yourself safe, fake antivirus programs, which are really malware, can expose you to a world of dangers.

In this guide, we’ll explain how to spot and remove fake antivirus software so you can protect yourself and keep your devices safe.

What is a Fake Antivirus?

A fake antivirus is a program developed by scammers that mimics a regular antivirus security tool. However, they’ll generally falsely report you have viruses or spyware on your machine and ask for payment to fix the threats.

Many victims are convinced to download fake antivirus programs – also known as rogue antiviruses and smitfraud – by scareware ads made to look like virus alerts running in website banners and pop-up ads. If malware has already been downloaded onto your system, you may see pop-ups generated by other apps.

The main aim of fake antivirus alerts is to get you to make payments or install malicious software – which might harvest your data, track your keystrokes, or lock your files. Of course, if you have a fake antivirus running, you’re also unprotected against all the real threats that exist online.

What Does Fake Antivirus Software Do?

The first thing a fake antivirus will do is to generate false security alerts. Regardless of the actual state of your device, it will report various threats and tell you your device is in danger.

These flashy fake antivirus messages may scare you into clicking on links and paying for software. Some tools go further by mimicking system crashes and blue screens to encourage you to act.

Once running on your device, fake antiviruses will generally disable legitimate antivirus software, leaving your system vulnerable to malware infections, privacy and security breaches, and ransomware attacks.

Virus eraser scams may also change your browser homepage, redirect you to fake websites, hijack your processing power and internet bandwidth, and download additional malware. Malware may also be able to access your financial and personal information, exposing you to fraud and identity theft.

Examples of Fake Antivirus Software

Most fake antivirus software products have names that sound like those of reputable packages to instill trust in users. They’ll also often use generic names like “Antivirus XP” or “MS Antivirus.” Here are some examples of fake antivirus software.

  • SpySheriff — Sends fake virus reports, blocks internet connections, and disables system responses and real antivirus tools.
  • Security Tool — Generates fake alerts and pressures users to purchase a premium plan.
  • WinFixer — Scans for non-existent threats and asks you to purchase the tool to remove the malware. Also called AVSystemCare, WinAntiSpyware, and WinAntiSpy.
  • MacSweeper — Also known as Cleanator, this tool targets Mac users.
  • Green Antivirus — Claims to make a $2 donation to an environmental charity for each transaction.
  • MS Antivirus — Targets Microsoft Windows users and runs fake scans – and has dozens of clones.

Other examples of dubious antivirus programs include Mac Defender, Personal Antivirus, AVLab Internet Security, AntiVirus Pro 2017, A-Secure 2015, and Internet Defender 2011.

How Can Your Device Get Infected with a Fake Antivirus?

Fake Antivirus image

Fake antivirus developers use various tactics to distribute their products. Here are some of the most common rogue antivirus attack vectors.

Malicious Websites — When searching for security solutions online, be careful which sites you visit – and cybercriminals are adept at using SEO to attract users. Untrustworthy sites can potentially install malware into your device without you even knowing.

Phishing emails — Crooks running phishing scams send emails purporting to be from reputable providers, asking you to contact their customer service teams or click a link. These messages often include warnings about breaches, stressing their urgency to encourage you to follow their instructions.

Scareware — You may see pop-up ads or banners that claim something is wrong with your system, encouraging you to click. However, no one can diagnose issues with your system just by loading an ad.

Bundled Software — When you download software, you may end up installing other bundled programs, which could contain malicious browser extensions, toolbars, or fake antivirus products. For example, if you download a free app, a fake antivirus might come bundled with it – and it might be silently downloaded in the background.

Fake Alerts — Malware can install itself on your system and generate fake security alerts informing you that your system is infected. These can direct you to install additional software, such as fake antivirus tools, to scan and resolve these imaginary threats.

Phone calls — Scammers may even contact individuals by phone using social engineering and masquerading as tech support to trick their victims into downloading fake antivirus programs.

How Can You Protect Yourself Against Fake Antiviruses?

Practicing good cyber hygiene is the key to protecting yourself from fake antiviruses.

  • Keep your OS, browsers, and plug-ins up to date
  • Consider using an ad blocker to avoid scareware ads
  • Don’t click on pop-ups if you’re uncertain about them
  • Don’t install software from suspicious websites, and research software before installing it if in doubt
  • Get a legitimate antivirus program and run regular scans

Knowing how to identify and avoid fake antivirus software can help you protect your computer and yourself.

How To Detect Fake Antivirus Scams

Fake antivirus tools can be very convincing, so it’s important to be aware of some tell-tale signs to identify them. And trust your instincts – if it seems suspicious, it probably is.

Here are some ways to identify a fake antivirus:

  • High-frequency alerts — Reputable antivirus software won’t bombard you with urgent security alerts. A fake antivirus’ main aim is to pressure you into downloading malicious products and making additional payments.
  • Requests for money — The best antivirus software providers won’t request money before removing a threat – you only have to pay for a subscription. However, a fake antivirus will immediately ask for payment and your credit card details to remove threats.
  • Bad grammar — Reputable sites will have polished designs with well-written descriptions of their products. However, fake software vendors will often have content and alerts riddled with misspellings and grammatical errors.
  • Poor website interface — Fake antiviruses will often lack a professional website or contact information for the provider. Their site will be a poor replica of those offered by reputable antivirus software providers.
  • Disable legitimate software — Some fake antiviruses will impair the functionality of legitimate antivirus software from running properly. If you see warnings like this, it’s a red flag.
  • Urgent language — Fake antivirus software will use phrases like “immediate action required” and “threat detected” to catch your attention in a way that legitimate providers would be unlikely to.
  • Free antivirus scams — Antivirus scams sometimes present themselves as free antivirus solutions – you’ll install one on your system, only to regret it later. If you’re looking for a free antivirus solution, ensure you are looking at a genuine provider. The best of these generally also offer paid solutions.

How To Remove Fake Antivirus Software

TotalAV Windows Antivirus

If you’ve spotted a fake antivirus running on your computer or smartphone, it’s important to address the issue quickly. Here’s how to remove fake antivirus software from your system.

  1. Restart Your Computer In Safe Mode

    Entering safe mode will shut down all operations and only load basic services. This mode is like a diagnostic mode, so it will generally shut down the operations of the fake antivirus software.
  2. Reset Browser Settings

    Your browser settings are one of the first things affected by fake antiviruses. Go to the default browser settings and reset your web browser to remove unwanted extensions and plug-ins.
  3. Uninstall Any Unwanted Or Suspicious Software

    Thoroughly check for any unwanted or suspicious apps or apps you don’t recognize. After uninstalling them, delete any temporary files and clear the cache. Some malware can be difficult to remove – and it may even require a factory reset.
  4. Install Antivirus Software

    Next, install a genuine antivirus software product and run a few scans. If the scan detects threats, it will attempt to address them to protect your device. When choosing antivirus software, make sure you only purchase a product from the provider’s official website.
  5. Restart and Monitor

    To turn off safe mode, restart your computer – and then continue to monitor how it behaves. Look for pop-ups and security alerts, and if the behavior has stopped, continue to run periodic scans to confirm your system is free from the fake antivirus.

Top Antivirus Solutions to Protect You From Fake Antivirus Scams

EDITOR’s CHOICE

TotalAV – Outstanding Antivirus Software for Complete Protection, Including Password Manager and VPN

  • Minimal system impact
  • Unlimited VPN bandwidth
  • Excellent phishing protection

Here’s a table covering the best antivirus solutions for all your devices to ensure you don’t fall prey to fake antivirus scams and to help you tackle infections.

Antivirus Software Test Results Starting Price Max Devices Supported Compatibility Free Version Top 3 Features
TotalAV 5.5/6 for performance and 6/6 for usability $29/year 6 Windows, Mac, iOS and Android Free scan – Zero-day cloud scanning
– PUA protection
– Browser manager & cleaner
Norton 6/6 for protection and usability $19.99/year 10 Windows, Mac, iOS and Android 30 days – 100% Virus Protection Promise
– 2GB cloud backup
– Hacking protection
TrendMicro 6/6 for protection, performance, and usability $19.95/year 10 Windows, Mac, iOS and Android Yes – Blocks dangerous websites
– Defends against phishing scams
– Dark web monitoring
ESET – 6/6 for usability
– 5.5/6 for protection and performance
$39.99/year 10 Windows, Mac, and Android 30 days – Data encryption
– Password management
– Network and smart device protection
Avast 6/6 for protection, performance, and usability Free / $34.68/year 30 Windows, Mac, iOS, and Android Free plan – Advanced ransomware protection
– Permanently delete sensitive files
– Web Shield blocks dangerous files and sites
Malwarebytes 6/6 for usability with a 99.99% detection rate $44.99/year 20 Windows, Mac, iOS, and Android Free plan – Brute force and uninstall protection
– Browser Guard features
– Identity theft protection

Additional Antivirus Resources

Now that we’ve explored fake antiviruses, here are some comprehensive guides from our network that’ll help you select a genuine, high-quality antivirus solution.

Summary – Protecting Yourself From Fake Antiviruses

Fake antivirus software can be very convincing. The best way to protect yourself is to avoid potentially untrustworthy sites and only download antivirus software from reputable providers from their official websites.

Regularly running malware scans is also wise, as is avoiding links and pop-up alerts that pressure you to make immediate payments. With the right security measures in place and an awareness of common threats, you can keep yourself safe from attacks.

Fake Antivirus FAQs

What is a fake antivirus?

How can you detect fake antivirus scams?

How can I protect myself against fake antiviruses?

Can you check if an antivirus is not fake?

How do you stop fake antivirus pop-ups?

Krishi Chowdhary
Tech Expert
Krishi Chowdhary
Tech Expert

Krishi Chowdhary has half a decade of experience writing buying guides and product reviews for numerous leading technology websites. He spent two years writing for Business2Community.com before joining Techopedia.com. He has a degree in Commerce and extensive experience in the technology industry. He's also the key driver behind TechReport.com's news content, delivering expertise insight into the latest tech and cybersecurity news daily.